holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Add KEEP_RT_TABLES to interoperability issues

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9108 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2008-12-18 00:55:37 +00:00
parent 65b1494257
commit 7322db665a
1 changed files with 37 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
docs/IPv6Support.xml
View File

@ -98,7 +98,7 @@
family has no effect on the other address family.</para> family has no effect on the other address family.</para>
<para>As a consequence, there is very little interaction between <para>As a consequence, there is very little interaction between
Shorewall and Shorewall6. </para> Shorewall and Shorewall6.</para>
<section> <section>
<title>DISABLE_IPV6</title> <title>DISABLE_IPV6</title>
@ -113,7 +113,7 @@
<section> <section>
<title>TC_ENABLED</title> <title>TC_ENABLED</title>
<para>The other area where their configurations overlap is in traffic <para>Another area where their configurations overlap is in traffic
shaping; the <filename>tcdevices</filename> and tcclasses files do shaping; the <filename>tcdevices</filename> and tcclasses files do
exactly the same thing in both Shorewall and Shorewall6. Consequently, exactly the same thing in both Shorewall and Shorewall6. Consequently,
you will have TC_ENABLED=Internal in Shorewall or in Shorewall6 and you will have TC_ENABLED=Internal in Shorewall or in Shorewall6 and
@ -134,6 +134,41 @@
</listitem> </listitem>
</itemizedlist> </itemizedlist>
</section> </section>
<section>
<title>KEEP_RT_TABLES</title>
<para>Multi-ISP users will need to be aware of this one. When there
are entries in the providers file, Shorewall normally installs a
modified <filename>/etc/iproute2/rt_tables</filename> during
<command>shorewall start</command> and <command>shorewall
restart</command> and restores a default file during
<command>shorewall stop</command>. Setting KEEP_RT_TABLES=Yes in
<ulink url="manpages/shorewall.conf.html">shorewall.conf</ulink>(5)
stops Shorewall (Shorewall lite) from modifying
<filename>/etc/iproute2/rt_tables</filename>.</para>
<para>Shorewall6 is also capable of modifying
<filename>/etc/iproute2/rt_tables</filename> in a similar way.</para>
<para>Our recommendation to Multi-ISP users is to:</para>
<itemizedlist>
<listitem>
<para>Select the same names for similar providers.</para>
</listitem>
<listitem>
<para>Set KEEP_RT_TABLES=No in <ulink
url="manpages/shorewall.conf.html">shorewall.conf</ulink>(5) and
set KEEP_RT_TABLES=Yes in <ulink
url="manpages6/shorewall6.conf.html">shorewall6.conf</ulink>(5).</para>
</listitem>
</itemizedlist>
<para>These setting allow Shorewall to control the contents of
<filename>/etc/iproute2/rt_tables</filename>.</para>
</section>
</section> </section>
</section> </section>