From 4ccedb0f10579e447b65e4b29c3d6071243eec9f Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Fri, 20 May 2005 17:06:38 +0000
Subject: [PATCH] Multi-ISP doc updates

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2148 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall-docs2/Shorewall_and_Routing.xml | 24 ++++++++++++++++++-----
 Shorewall-docs2/traffic_shaping.xml       | 10 +++++++++-
 2 files changed, 28 insertions(+), 6 deletions(-)

diff --git a/Shorewall-docs2/Shorewall_and_Routing.xml b/Shorewall-docs2/Shorewall_and_Routing.xml
index 230df9061..08c598656 100644
--- a/Shorewall-docs2/Shorewall_and_Routing.xml
+++ b/Shorewall-docs2/Shorewall_and_Routing.xml
@@ -15,7 +15,7 @@
       </author>
     </authorgroup>
 
-    <pubdate>2005-05-19</pubdate>
+    <pubdate>2005-05-20</pubdate>
 
     <copyright>
       <year>2005</year>
@@ -260,8 +260,9 @@
 
         <itemizedlist>
           <listitem>
-            <para>Packet marking for traffic control purposes must be done in
-            the FORWARD table.</para>
+            <para>Packet marking for traffic control purposes may not be done
+            in the PREROUTING table for connections involving providers with
+            'track' specified (see below).</para>
           </listitem>
 
           <listitem>
@@ -384,8 +385,11 @@
                   <glossterm>balance</glossterm>
 
                   <glossdef>
-                    <para>The providers that have 'default' specified will get
-                    outbound traffic load-balanced among them.</para>
+                    <para>The providers that have 'balance' specified will get
+                    outbound traffic load-balanced among them. Balancing will
+                    not be perfect, as it is route based, and routes are
+                    cached. This means that routes to often-used sites will
+                    always be over the same provider.</para>
                   </glossdef>
                 </glossentry>
               </glosslist>
@@ -427,6 +431,16 @@ net        net            DROP</programlisting>
       <programlisting>#INTERFACE       SUBNET            ADDRESS
 eth0             eth2              206.124.146.176
 eth1             eth2              130.252.99.27</programlisting>
+
+      <para>Now suppose that you want to route all outgoing SMTP traffic
+      through ISP 2. You would make this entry in <ulink
+      url="traffic_shaping.htm">/etc/shorewall/tcrules</ulink> (and you would
+      set TC_ENABLED=Yes in <ulink
+      url="???">/etc/shorewall/shorewall.conf</ulink>).</para>
+
+      <programlisting>#MARK           SOURCE          DEST            PROTO   PORT(S) CLIENT  USER    TEST
+#                                                               PORT(S)
+2               &lt;local network&gt; 0.0.0.0/0       tcp     25</programlisting>
     </section>
   </section>
 
diff --git a/Shorewall-docs2/traffic_shaping.xml b/Shorewall-docs2/traffic_shaping.xml
index cafbf5250..e80f194fc 100644
--- a/Shorewall-docs2/traffic_shaping.xml
+++ b/Shorewall-docs2/traffic_shaping.xml
@@ -15,7 +15,7 @@
       </author>
     </authorgroup>
 
-    <pubdate>2005-02-19</pubdate>
+    <pubdate>2005-05-20</pubdate>
 
     <copyright>
       <year>2001-2005</year>
@@ -191,6 +191,14 @@
       in the <filename>/etc/shorewall/tcrules</filename> file.</para>
     </important>
 
+    <important>
+      <para>If you use providers (in /etc/shorewall/providers) with the
+      'track' option then there are restrictions about how you can mark
+      packets involving those providers; see the <ulink
+      url="Shorewall_and_Routing.html">Shorewall Routing documentation</ulink>
+      for details.</para>
+    </important>
+
     <para>Columns in the file are as follows:</para>
 
     <itemizedlist>