Finish provider stuff

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2136 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall2/firewall

@@ -1081,13 +1081,18 @@ setup_providers()
 	
 	for option in $(separate_list $options); do
 	    case $option in
+		-)
+		    ;;
 		track)
 		    eval ${iface}_routemark=$mark
 		    ROUTEMARK_INTERFACES="$ROUTEMARK_INTERFACES $interface"
 		    ;;
-		default)
+		balance)
 		    DEFAULT_ROUTE="$DEFAULT_ROUTE nexthop via $gateway dev $interface weight 1"
 		    ;;
+		*)
+		    error_message "   Warning: Invalid option ($option) ignored in provider \"$provider\""
+		    ;;
 	    esac
 	done
 
@@ -2792,6 +2797,12 @@ setup_tc1() {
     #
 
     run_iptables -t mangle -N tcpre
+
+    for interface in $ROUTEMARK_INTERFACES; do
+	eval mark=\$$(chain_base $interface)_routemark
+	run_iptables -t mangle -A tcpre -m connmark --mark $mark -j RETURN
+    done
+
     run_iptables -t mangle -N tcfor
     run_iptables -t mangle -N tcout
     run_iptables -t mangle -N tcpost

Shorewall2/providers

@@ -38,10 +38,10 @@
 #			to be tracked so that responses may be routed back
 #			out this same interface.
 #
-#			You want specify 'trask' if internet hosts will be
+#			You want specify 'track' if internet hosts will be
 #			connecting to local servers through this provider.
 #
-#		default The providers that have 'default' specified will
+#		balance The providers that have 'default' specified will
 #			get outbound traffic load-balanced among them.
 #
 # Example:  You run squid in your DMZ on IP address 192.168.2.99. Your DMZ

Shorewall2/releasenotes.txt

@@ -137,7 +137,7 @@ New Features in version 2.3.2
 		       must mark packets in the FORWARD chain (or
 		       better yet, use the CLASSIFY target).
 
-               default The providers that have 'default' specified will
+               balance The providers that have 'balance' specified will
                        get outbound traffic load-balanced among them.
 
        Example:  You run squid in your DMZ on IP address