More shared MultiISP tweaks

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8703 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2008-09-08 15:40:53 +00:00
parent 19345a1fdc
commit 8af65b8a4c
3 changed files with 18 additions and 6 deletions

View File

@ -229,6 +229,7 @@ sub add_a_provider( $$$$$$$$ ) {
if ( $gateway eq 'detect' ) { if ( $gateway eq 'detect' ) {
fatal_error "'detect' is not allowed with USE_DEFAULT_RT=Yes" if $config{USE_DEFAULT_RT}; fatal_error "'detect' is not allowed with USE_DEFAULT_RT=Yes" if $config{USE_DEFAULT_RT};
fatal_error "Configuring multiple providers through one interface requires an explicit gateway" if $shared;
$gateway = get_interface_gateway $interface; $gateway = get_interface_gateway $interface;
} elsif ( $gateway && $gateway ne '-' ) { } elsif ( $gateway && $gateway ne '-' ) {
validate_address $gateway, 0; validate_address $gateway, 0;

View File

@ -1018,8 +1018,17 @@ gateway:~ #</programlisting>Note that because we used a priority of 1000, the
<para>You must manually add MARK rules for traffic known to come <para>You must manually add MARK rules for traffic known to come
from each provider.</para> from each provider.</para>
</listitem> </listitem>
<listitem>
<para>You must specify a gateway IP address in the GATEWAY column of
/etc/shorewall/providers; <emphasis role="bold">detect</emphasis> is
not permitted.</para>
</listitem>
</orderedlist> </orderedlist>
<para>Taken together, b. and h. effectively preclude using this
technique with dynamic IP addresses.</para>
<para>Example:</para> <para>Example:</para>
<para>This is our home network circa fall 2008. We have two internet <para>This is our home network circa fall 2008. We have two internet
@ -1039,7 +1048,9 @@ gateway:~ #</programlisting>Note that because we used a priority of 1000, the
<trademark>Presario</trademark> that I use for a firewall only has three <trademark>Presario</trademark> that I use for a firewall only has three
PCI slots and no onboard Ethernet, it doesn't have enough Ethernet PCI slots and no onboard Ethernet, it doesn't have enough Ethernet
controllers to support both providers. So I use a Linksys WRT300n pre-N controllers to support both providers. So I use a Linksys WRT300n pre-N
router as a gateway to that ISP.</para> router as a gateway to that ISP. Note that because the Comcast IP
address is dynamic, I could not share a single firewall interface
between the two providers directly.</para>
<para>On my personal laptop (ursa), I have 9 virtual machines running <para>On my personal laptop (ursa), I have 9 virtual machines running
various Linux distributions. <emphasis>It is the Shorewall configuration various Linux distributions. <emphasis>It is the Shorewall configuration

View File

@ -22,7 +22,7 @@ the
license is included in the section entitled <span license is included in the section entitled <span
style="text-decoration: underline;">"</span><a href="GnuCopyright.htm" style="text-decoration: underline;">"</span><a href="GnuCopyright.htm"
target="_self">GNU Free Documentation License</a>".</p> target="_self">GNU Free Documentation License</a>".</p>
<p>2008-08-23</p> <p>2008-09-08</p>
<hr style="width: 100%; height: 2px;"> <hr style="width: 100%; height: 2px;">
<h2>Table of Contents</h2> <h2>Table of Contents</h2>
<p style="margin-bottom: 0in; margin-left: 0.42in;"><a href="#Intro">Introduction <p style="margin-bottom: 0in; margin-left: 0.42in;"><a href="#Intro">Introduction
@ -152,15 +152,15 @@ problems</a> and <a
</ul> </ul>
The <span style="font-weight: bold;">current Development Release</span> The <span style="font-weight: bold;">current Development Release</span>
is is
4.2.0-RC1. 4.2.0-RC2.
<ul> <ul>
<li>Here are the <a <li>Here are the <a
href="http://www1.shorewall.net/pub/shorewall/development/4.2/shorewall-4.2.0-RC1/releasenotes.txt">release href="http://www1.shorewall.net/pub/shorewall/development/4.2/shorewall-4.2.0-RC2/releasenotes.txt">release
notes</a> </li> notes</a> </li>
<li>Here are the <a <li>Here are the <a
href="http://www1.shorewall.net/pub/shorewall/development/4.2/shorewall-4.2.0-RC1/known_problems.txt">known href="http://www1.shorewall.net/pub/shorewall/development/4.2/shorewall-4.2.0-RC2/known_problems.txt">known
problems</a> and <a problems</a> and <a
href="http://www1.shorewall.net/pub/shorewall/development/4.2/shorewall-4.2.0-RC1/errata/">updates</a>.</li> href="http://www1.shorewall.net/pub/shorewall/development/4.2/shorewall-4.2.0-RC2/errata/">updates</a>.</li>
</ul> </ul>
</div> </div>
<div style="margin-left: 40px;"> <div style="margin-left: 40px;">