From c8dc7f12717eccf3bc1de42da6a215b14d4a8d5d Mon Sep 17 00:00:00 2001 From: teastep Date: Thu, 19 May 2005 14:00:57 +0000 Subject: [PATCH] Finish provider stuff git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2136 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall2/firewall | 13 ++++++++++++- Shorewall2/providers | 4 ++-- Shorewall2/releasenotes.txt | 2 +- 3 files changed, 15 insertions(+), 4 deletions(-) diff --git a/Shorewall2/firewall b/Shorewall2/firewall index dcd0f1e17..42df90405 100755 --- a/Shorewall2/firewall +++ b/Shorewall2/firewall @@ -1081,13 +1081,18 @@ setup_providers() for option in $(separate_list $options); do case $option in + -) + ;; track) eval ${iface}_routemark=$mark ROUTEMARK_INTERFACES="$ROUTEMARK_INTERFACES $interface" ;; - default) + balance) DEFAULT_ROUTE="$DEFAULT_ROUTE nexthop via $gateway dev $interface weight 1" ;; + *) + error_message " Warning: Invalid option ($option) ignored in provider \"$provider\"" + ;; esac done @@ -2792,6 +2797,12 @@ setup_tc1() { # run_iptables -t mangle -N tcpre + + for interface in $ROUTEMARK_INTERFACES; do + eval mark=\$$(chain_base $interface)_routemark + run_iptables -t mangle -A tcpre -m connmark --mark $mark -j RETURN + done + run_iptables -t mangle -N tcfor run_iptables -t mangle -N tcout run_iptables -t mangle -N tcpost diff --git a/Shorewall2/providers b/Shorewall2/providers index 38497fe1e..b0f7f0f49 100755 --- a/Shorewall2/providers +++ b/Shorewall2/providers @@ -38,10 +38,10 @@ # to be tracked so that responses may be routed back # out this same interface. # -# You want specify 'trask' if internet hosts will be +# You want specify 'track' if internet hosts will be # connecting to local servers through this provider. # -# default The providers that have 'default' specified will +# balance The providers that have 'default' specified will # get outbound traffic load-balanced among them. # # Example: You run squid in your DMZ on IP address 192.168.2.99. Your DMZ diff --git a/Shorewall2/releasenotes.txt b/Shorewall2/releasenotes.txt index 4bcc04f3e..6e20b6c71 100755 --- a/Shorewall2/releasenotes.txt +++ b/Shorewall2/releasenotes.txt @@ -137,7 +137,7 @@ New Features in version 2.3.2 must mark packets in the FORWARD chain (or better yet, use the CLASSIFY target). - default The providers that have 'default' specified will + balance The providers that have 'balance' specified will get outbound traffic load-balanced among them. Example: You run squid in your DMZ on IP address