1SHOREWALL-ROUTE_RUL(5)          [FIXME: manual]         SHOREWALL-ROUTE_RUL(5)
2
3
4

NAME

6       route_rules - Shorewall Routing Rules file
7

SYNOPSIS

9       /etc/shorewall/route_rules
10

DESCRIPTION

12       Entries in this file cause traffic to be routed to one of the providers
13       listed in shorewall-providers[1](5).
14
15       The columns in the file are as follows.
16
17       SOURCE (Optional) - {-|interface|address|interface:address}
18           An ip address (network or host) that matches the source IP address
19           in a packet. May also be specified as an interface name optionally
20           followed by ":" and an address. If the device lo is specified, the
21           packet must originate from the firewall itself.
22
23       DEST (Optional) - {-|address}
24           An ip address (network or host) that matches the destination IP
25           address in a packet.
26
27           If you choose to omit either SOURCE or DEST, place "-" in that
28           column. Note that you may not omit both SOURCE and DEST.
29
30       PROVIDER - {provider-name|provider-number|main}
31           The provider to route the traffic through. May be expressed either
32           as the provider name or the provider number. May also be main or
33           254 for the main routing table. This can be used in combination
34           with VPN tunnels, see example 2 below.
35
36       PRIORITY - priority
37           The rule's numeric priority which determines the order in which the
38           rules are processed. Rules with equal priority are applied in the
39           order in which they appear in the file.
40
41           1000-1999
42               Before Shorewall-generated 'MARK' rules
43
44           11000-11999
45               After 'MARK' rules but before Shorewall-generated rules for ISP
46               interfaces.
47
48           26000-26999
49               After ISP interface rules but before 'default' rule.
50

EXAMPLES

52       Example 1:
53           You want all traffic coming in on eth1 to be routed to the ISP1
54           provider.
55
56                       #SOURCE                 DEST            PROVIDER        PRIORITY
57                       eth1                    -               ISP1            1000
58
59       Example 2:
60           You use OpenVPN (routed setup /tunX) in combination with multiple
61           providers. In this case you have to set up a rule to ensure that
62           the OpenVPN traffic is routed back through the tunX interface(s)
63           rather than through any of the providers. 10.8.0.0/24 is the subnet
64           chosen in your OpenVPN configuration (server 10.8.0.0
65           255.255.255.0).
66
67                        #SOURCE                 DEST            PROVIDER        PRIORITY
68                        -                       10.8.0.0/24     main            1000
69

FILES

71       /etc/shorewall/route_rules
72

SEE ALSO

74       http://shorewall.net/MultiISP.html
75
76       shorewall(8), shorewall-accounting(5), shorewall-actions(5),
77       shorewall-blacklist(5), shorewall-hosts(5), shorewall_interfaces(5),
78       shorewall-ipsets(5), shorewall-maclist(5), shorewall-masq(5),
79       shorewall-nat(5), shorewall-netmap(5), shorewall-params(5),
80       shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5),
81       shorewall-routestopped(5), shorewall-rules(5), shorewall.conf(5),
82       shorewall-secmarks(5), shorewall-tcclasses(5), shorewall-tcdevices(5),
83       shorewall-tcrules(5), shorewall-tos(5), shorewall-tunnels(5),
84       shorewall-zones(5)
85

NOTES

87        1. shorewall-providers
88           http://www.shorewall.net/manpages/shorewall-providers.html
89
90
91
92[FIXME: source]                   09/16/2011            SHOREWALL-ROUTE_RUL(5)
Impressum