From 8232d950b8bdadd179eb1e0112595c15c6246a1d Mon Sep 17 00:00:00 2001 From: teastep Date: Tue, 3 Jan 2006 01:21:10 +0000 Subject: [PATCH] Add fw->nat masq rules to multi-ISP doc git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3215 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall-docs2/MultiISP.xml | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/Shorewall-docs2/MultiISP.xml b/Shorewall-docs2/MultiISP.xml index f6843a23f..61e185a90 100644 --- a/Shorewall-docs2/MultiISP.xml +++ b/Shorewall-docs2/MultiISP.xml @@ -49,7 +49,7 @@ ethernet interfaces to two different ISPs as in the following diagram. - + @@ -265,7 +265,7 @@ have multiple internet connections, we recommend that you specify 'balance' even if you don't need it. You can still use entries in /etc/shorewall/tcrules - to force traffic to one provider or another. + to force traffic to one provider or another. @@ -414,6 +414,14 @@ net eth1 detect … #SOURCE DESTINATION POLICY LIMIT:BURST net net DROP + Regardless of whether you have masqueraded hosts or not, YOU MUST ADD THESE TWO ENTRIES TO + /etc/shorewall/masq: + + #INTERFACE SUBNET ADDRESS +eth0 130.252.99.27 206.124.146.176 +eth1 206.124.146.176 130.252.99.27 + If you have masqueraded hosts, be sure to update /etc/shorewall/masq to masquerade to both ISPs. For example, if you masquerade all hosts connected to