forked from extern/shorewall_code
738b45ad9e
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2606 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
88 lines
3.0 KiB
Plaintext
Executable File
88 lines
3.0 KiB
Plaintext
Executable File
#
|
|
# Shorewall version 3.0 - Providers File
|
|
#
|
|
# /etc/shorewall/providers
|
|
#
|
|
# This file is used to define additional routing tables. You will
|
|
# want to define an additional table if:
|
|
#
|
|
# - You have connections to more than one ISP or multiple connections
|
|
# to the same ISP
|
|
#
|
|
# - You run Squid as a transparent proxy on a host other than the
|
|
# firewall.
|
|
#
|
|
# To omit a column, enter "-".
|
|
#
|
|
# Columns are:
|
|
#
|
|
# NAME The provider name.
|
|
#
|
|
# NUMBER The provider number -- a number between 1 and 15
|
|
#
|
|
# MARK A FWMARK value used in your /etc/shorewall/tcrules
|
|
# file to direct packets to this provider.
|
|
#
|
|
# DUPLICATE The name of an existing table to duplicate. May be
|
|
# 'main' or the name of a previous provider.
|
|
#
|
|
# INTERFACE The name of the network interface to the provider.
|
|
# Must be listed in /etc/shorewall/interfaces.
|
|
#
|
|
# GATEWAY The IP address of the provider's gateway router.
|
|
#
|
|
# You can enter "detect" here and Shorewall will
|
|
# attempt to detect the gateway automatically.
|
|
#
|
|
# OPTIONS A comma-separated list selected from the following:
|
|
#
|
|
# track If specified, connections FROM this interface are
|
|
# to be tracked so that responses may be routed back
|
|
# out this same interface.
|
|
#
|
|
# You want specify 'track' if internet hosts will be
|
|
# connecting to local servers through this provider.
|
|
#
|
|
# balance The providers that have 'default' specified will
|
|
# get outbound traffic load-balanced among them. By
|
|
# default, all interfaces with 'balance' specified
|
|
# will have the same weight (1). You can change the
|
|
# weight of an interface by specifiying balance=<weight>
|
|
# where <weight> is the weight of the route out of
|
|
# this interface.
|
|
#
|
|
# loose Normally, Shorewall adds routing rules to prohibit
|
|
# firewall marks from working with traffic generated
|
|
# on the firewall itself. By setting the 'loose'
|
|
# option, generation of these rules is avoided.
|
|
#
|
|
# COPY A comma-separated lists of other interfaces on your
|
|
# firewall. Only makes sense when DUPLICATE is 'main'.
|
|
# Only copy routes through INTERFACE and through
|
|
# interfaces listed here.
|
|
#
|
|
# Example: You run squid in your DMZ on IP address 192.168.2.99. Your DMZ
|
|
# interface is eth2
|
|
#
|
|
# #NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS
|
|
# Squid 1 1 - eth2 192.168.2.99 -
|
|
#
|
|
# Example:
|
|
#
|
|
# eth0 connects to ISP 1. The IP address of eth0 is 206.124.146.176 and
|
|
# the ISP's gateway router has IP address 206.124.146.254.
|
|
#
|
|
# eth1 connects to ISP 2. The IP address of eth1 is 130.252.99.27 and the
|
|
# ISP's gateway router has IP address 130.252.99.254.
|
|
#
|
|
# #NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS COPY
|
|
# ISP1 1 1 main eth0 206.124.146.254 track,balance
|
|
# ISP2 2 2 main eth1 130.252.99.254 track,balance
|
|
#
|
|
# For additional information, see
|
|
# http://shorewall.net/Shorewall_and_Routing.html
|
|
#
|
|
############################################################################################
|
|
#NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS COPY
|
|
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
|