diff --git a/docs/MultiISP.xml b/docs/MultiISP.xml
index 4b722548e..2b2fad4b8 100644
--- a/docs/MultiISP.xml
+++ b/docs/MultiISP.xml
@@ -619,163 +619,6 @@
/etc/shorewall/route_rules.
-
- Gateway Monitoring and Failover
-
- Beginning with Shorewall 4.2.6, Shorewall includes a sample
- monitoring script swping. The
- swping file is available in the main directory
- contained in the Shorewall-common tarball and is included in the
- Shorewall-common documentation directory on the Shorewall-common
- RPM.
-
- For those not on 4.2.6 yet, the script may be downloaded from
- http://www.shorewall.net/pub/shorewall/contrib/MultiISP-failover/.
-
-
- These samples are offered as is — they work
- for me but I don't make any claim that they will work for anyone else.
- But if you have a need for automated link monitoring, they offer you a
- place to start.
-
-
- The script should be copied to a directory on root's PATH such as
- /usr/local/sbin/.
-
- The script monitors two interfaces but it is a trivial exercise to
- extend it to more than two. At the top are a number of variables to
- set:
-
- #
-# IP family -- 4 or 6
-#
-FAMILY=4
-#
-# The commands to run when the status of a line changes. Both commands will be executed.
-#
-COMMANDA=
-COMMANDB="ip -$FAMILY route ls"
-...
-#
-# Interfaces to monitor -- you may use shell variables from your params file
-#
-IF1=eth0
-IF2=eth1
-#
-# Sites to Ping. Must not depend on the associated interface having a default route through it.
-#
-TARGET1=
-TARGET2=
-#
-# How often to ping
-#
-PING_INTERVAL=5
-#
-# Value for ping's -W option
-#
-PING_TIMEOUT=2
-#
-# This many successive pings must succeed for the interface to be marked up when it is down
-#
-UP_COUNT=5
-#
-# This many successive pings must fail for the interface to be marked down when it is up
-#
-DOWN_COUNT=2
-
- If you leave COMMANDA empty, the script sets its value
- automatically depending on whether Shorewall-lite is installed.
-
- When the status of an interface changes:
-
-
-
- For each interface, a file is placed in /etc/shorewall to
- record the status of the interface: either 0 (UP) or 1 (DOWN). The
- name of the file is interface.status where
- interface is the interface (e.g.,
- eth0.status).
-
-
-
- A shorewall -f restart command is executed
- (shorewall-lite restart, if Shorewall-lite is
- installed).
-
-
-
- The contents of the main routing table are displayed.
-
-
-
- The .status files are intended to be used with the following
- /etc/shorewall/isusable script.local status=0
-
-case $1 in
- eth0|eth1)
- [ -f /etc/shorewall/${1}.status ] && status=$(cat /etc/shorewall/${1}.status)
- ;;
-esac
-
-return $status
-
- Be sure that you modify the interface names to match your
- configuration.
-
- Also included is a sample init script
- (swping.init) to start the monitoring daemon. Copy
- it to /etc/init.d/swping and use your
- distribution's SysV init tools to cause it to be run at boot. It works
- on OpenSuSE 11.0 -- YMMV. Modify the PROG and
- STATEDIR variables as needed.
-
- As an alternative to using the init script, you can add the
- following to /etc/shorewall/started:
-
- if [ "$COMMAND" = start ]; then
- killall -9 swping 2> /dev/null #be sure that there are none left running
- /usr/local/sbin/swping &
-fi
-
- and add this to
- /etc/shorewall/stopped.
-
- if [ "$COMMAND" = stop -o "$COMMAND" = clear ]; then
- killall -9 swping 2> /dev/null
-fi
-
- This simple script has a number of limitations:
-
-
-
- It only works on IPv4 or IPv6 but not both at once. So if you
- want to monitor both IPv4 and IPv6, you need to clone the script are
- run two copies; one for IPv4 and one for IPv6.
-
-
-
- It's method of determining whether an interface is up or down
- is crude. You will normally specify the default gateway for each
- provider as the sites to ping and being able to ping the default
- gateway is not a surefire indication that the provider is usable.
- The method of determining whether a site is up or down is also
- crude.
-
-
-
- Because of the crudeness of the algorithm, hysteresis may
- occur.
-
-
-
- It is tricky to configure a system such that the system works
- correctly when one of its providers is down unless you largely don't
- care which interface is used.
-
-
-
-
Martians
@@ -1227,6 +1070,163 @@ shorewall 2 2 - eth0 192.168.1.254 track,balance=2,optional<
- - shorewall 11999
+
+ Gateway Monitoring and Failover
+
+ Beginning with Shorewall 4.2.6, Shorewall includes a sample
+ monitoring script swping. The
+ swping file is available in the main directory
+ contained in the Shorewall-common tarball and is included in the
+ Shorewall-common documentation directory on the Shorewall-common
+ RPM.
+
+ For those not on 4.2.6 yet, the script may be downloaded from
+ http://www.shorewall.net/pub/shorewall/contrib/MultiISP-failover/.
+
+
+ These samples are offered as is — they work
+ for me but I don't make any claim that they will work for anyone else.
+ But if you have a need for automated link monitoring, they offer you a
+ place to start.
+
+
+ The script should be copied to a directory on root's PATH such as
+ /usr/local/sbin/.
+
+ The script monitors two interfaces but it is a trivial exercise to
+ extend it to more than two. At the top are a number of variables to
+ set:
+
+ #
+# IP family -- 4 or 6
+#
+FAMILY=4
+#
+# The commands to run when the status of a line changes. Both commands will be executed.
+#
+COMMANDA=
+COMMANDB="ip -$FAMILY route ls"
+...
+#
+# Interfaces to monitor -- you may use shell variables from your params file
+#
+IF1=eth0
+IF2=eth1
+#
+# Sites to Ping. Must not depend on the associated interface having a default route through it.
+#
+TARGET1=
+TARGET2=
+#
+# How often to ping
+#
+PING_INTERVAL=5
+#
+# Value for ping's -W option
+#
+PING_TIMEOUT=2
+#
+# This many successive pings must succeed for the interface to be marked up when it is down
+#
+UP_COUNT=5
+#
+# This many successive pings must fail for the interface to be marked down when it is up
+#
+DOWN_COUNT=2
+
+ If you leave COMMANDA empty, the script sets its value
+ automatically depending on whether Shorewall-lite is installed.
+
+ When the status of an interface changes:
+
+
+
+ For each interface, a file is placed in /etc/shorewall to
+ record the status of the interface: either 0 (UP) or 1 (DOWN). The
+ name of the file is interface.status where
+ interface is the interface (e.g.,
+ eth0.status).
+
+
+
+ A shorewall -f restart command is executed
+ (shorewall-lite restart, if Shorewall-lite is
+ installed).
+
+
+
+ The contents of the main routing table are displayed.
+
+
+
+ The .status files are intended to be used with the following
+ /etc/shorewall/isusable script.local status=0
+
+case $1 in
+ eth0|eth1)
+ [ -f /etc/shorewall/${1}.status ] && status=$(cat /etc/shorewall/${1}.status)
+ ;;
+esac
+
+return $status
+
+ Be sure that you modify the interface names to match your
+ configuration.
+
+ Also included is a sample init script
+ (swping.init) to start the monitoring daemon. Copy
+ it to /etc/init.d/swping and use your
+ distribution's SysV init tools to cause it to be run at boot. It works
+ on OpenSuSE 11.0 -- YMMV. Modify the PROG and
+ STATEDIR variables as needed.
+
+ As an alternative to using the init script, you can add the
+ following to /etc/shorewall/started:
+
+ if [ "$COMMAND" = start ]; then
+ killall -9 swping 2> /dev/null #be sure that there are none left running
+ /usr/local/sbin/swping &
+fi
+
+ and add this to
+ /etc/shorewall/stopped.
+
+ if [ "$COMMAND" = stop -o "$COMMAND" = clear ]; then
+ killall -9 swping 2> /dev/null
+fi
+
+ This simple script has a number of limitations:
+
+
+
+ It only works on IPv4 or IPv6 but not both at once. So if you
+ want to monitor both IPv4 and IPv6, you need to clone the script are
+ run two copies; one for IPv4 and one for IPv6.
+
+
+
+ It's method of determining whether an interface is up or down
+ is crude. You will normally specify the default gateway for each
+ provider as the sites to ping and being able to ping the default
+ gateway is not a surefire indication that the provider is usable.
+ The method of determining whether a site is up or down is also
+ crude.
+
+
+
+ Because of the crudeness of the algorithm, hysteresis may
+ occur.
+
+
+
+ It is tricky to configure a system such that the system works
+ correctly when one of its providers is down unless you largely don't
+ care which interface is used.
+
+
+
+
Two Providers Sharing an Interface