From 8af65b8a4c1e7a4888d752a2ee5fb87dd3e398d2 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Mon, 8 Sep 2008 15:40:53 +0000
Subject: [PATCH] More shared MultiISP tweaks

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8703 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall-perl/Shorewall/Providers.pm |  1 +
 docs/MultiISP.xml                     | 13 ++++++++++++-
 web/shorewall_index.htm               | 10 +++++-----
 3 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/Shorewall-perl/Shorewall/Providers.pm b/Shorewall-perl/Shorewall/Providers.pm
index a36df9aea..b81cb6f66 100644
--- a/Shorewall-perl/Shorewall/Providers.pm
+++ b/Shorewall-perl/Shorewall/Providers.pm
@@ -229,6 +229,7 @@ sub add_a_provider( $$$$$$$$ ) {
 
     if ( $gateway eq 'detect' ) {
 	fatal_error "'detect' is not allowed with USE_DEFAULT_RT=Yes" if $config{USE_DEFAULT_RT};
+	fatal_error "Configuring multiple providers through one interface requires an explicit gateway" if $shared;
 	$gateway = get_interface_gateway $interface;
     } elsif ( $gateway && $gateway ne '-' ) {
 	validate_address $gateway, 0;
diff --git a/docs/MultiISP.xml b/docs/MultiISP.xml
index cab7226b2..f9d7aab98 100644
--- a/docs/MultiISP.xml
+++ b/docs/MultiISP.xml
@@ -1018,8 +1018,17 @@ gateway:~ #</programlisting>Note that because we used a priority of 1000, the
           <para>You must manually add MARK rules for traffic known to come
           from each provider.</para>
         </listitem>
+
+        <listitem>
+          <para>You must specify a gateway IP address in the GATEWAY column of
+          /etc/shorewall/providers; <emphasis role="bold">detect</emphasis> is
+          not permitted.</para>
+        </listitem>
       </orderedlist>
 
+      <para>Taken together, b. and h. effectively preclude using this
+      technique with dynamic IP addresses.</para>
+
       <para>Example:</para>
 
       <para>This is our home network circa fall 2008. We have two internet
@@ -1039,7 +1048,9 @@ gateway:~ #</programlisting>Note that because we used a priority of 1000, the
       <trademark>Presario</trademark> that I use for a firewall only has three
       PCI slots and no onboard Ethernet, it doesn't have enough Ethernet
       controllers to support both providers. So I use a Linksys WRT300n pre-N
-      router as a gateway to that ISP.</para>
+      router as a gateway to that ISP. Note that because the Comcast IP
+      address is dynamic, I could not share a single firewall interface
+      between the two providers directly.</para>
 
       <para>On my personal laptop (ursa), I have 9 virtual machines running
       various Linux distributions. <emphasis>It is the Shorewall configuration
diff --git a/web/shorewall_index.htm b/web/shorewall_index.htm
index ff47a49f0..8b28b6dff 100644
--- a/web/shorewall_index.htm
+++ b/web/shorewall_index.htm
@@ -22,7 +22,7 @@ the
 license is included in the section entitled <span
  style="text-decoration: underline;">"</span><a href="GnuCopyright.htm"
  target="_self">GNU Free Documentation License</a>".</p>
-<p>2008-08-23</p>
+<p>2008-09-08</p>
 <hr style="width: 100%; height: 2px;">
 <h2>Table of Contents</h2>
 <p style="margin-bottom: 0in; margin-left: 0.42in;"><a href="#Intro">Introduction
@@ -152,15 +152,15 @@ problems</a> and <a
 </ul>
 The <span style="font-weight: bold;">current Development Release</span>
 is
-4.2.0-RC1.
+4.2.0-RC2.
 <ul>
   <li>Here are the <a
- href="http://www1.shorewall.net/pub/shorewall/development/4.2/shorewall-4.2.0-RC1/releasenotes.txt">release
+ href="http://www1.shorewall.net/pub/shorewall/development/4.2/shorewall-4.2.0-RC2/releasenotes.txt">release
 notes</a> </li>
   <li>Here are the <a
- href="http://www1.shorewall.net/pub/shorewall/development/4.2/shorewall-4.2.0-RC1/known_problems.txt">known
+ href="http://www1.shorewall.net/pub/shorewall/development/4.2/shorewall-4.2.0-RC2/known_problems.txt">known
 problems</a> and <a
- href="http://www1.shorewall.net/pub/shorewall/development/4.2/shorewall-4.2.0-RC1/errata/">updates</a>.</li>
+ href="http://www1.shorewall.net/pub/shorewall/development/4.2/shorewall-4.2.0-RC2/errata/">updates</a>.</li>
 </ul>
 </div>
 <div style="margin-left: 40px;">