Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   18016 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

SHOREWALL-ROUTE_RUL(5)					SHOREWALL-ROUTE_RUL(5)

NAME
       route_rules - Shorewall Routing Rules file

SYNOPSIS
       /etc/shorewall/route_rules

DESCRIPTION
       Entries in this file cause traffic to be routed to one of the providers
       listed in shorewall-providers[1](5).

       The columns in the file are as follows.

       SOURCE (Optional) - {-|interface|address|interface:address}
	   An ip address (network or host) that matches the source IP address
	   in a packet. May also be specified as an interface name optionally
	   followed by ":" and an address. If the device lo is specified, the
	   packet must originate from the firewall itself.

       DEST (Optional) - {-|address}
	   An ip address (network or host) that matches the destination IP
	   address in a packet.

	   If you choose to omit either SOURCE or DEST, place "-" in that
	   column. Note that you may not omit both SOURCE and DEST.

       PROVIDER - {provider-name|provider-number|main}
	   The provider to route the traffic through. May be expressed either
	   as the provider name or the provider number. May also be main or
	   254 for the main routing table. This can be used in combination
	   with VPN tunnels, see example 2 below.

       PRIORITY - priority
	   The rule´s numeric priority which determines the order in which the
	   rules are processed. Rules with equal priority are applied in the
	   order in which they appear in the file.

	   1000-1999
	       Before Shorewall-generated ´MARK´ rules

	   11000-11999
	       After ´MARK´ rules but before Shorewall-generated rules for ISP
	       interfaces.

	   26000-26999
	       After ISP interface rules but before ´default´ rule.

EXAMPLES
       Example 1:
	   You want all traffic coming in on eth1 to be routed to the ISP1
	   provider.

		       #SOURCE		       DEST	       PROVIDER	       PRIORITY
		       eth1		       -	       ISP1	       1000

       Example 2:
	   You use OpenVPN (routed setup /tunX) in combination with multiple
	   providers. In this case you have to set up a rule to ensure that
	   the OpenVPN traffic is routed back through the tunX interface(s)
	   rather than through any of the providers. 10.8.0.0/24 is the subnet
	   chosen in your OpenVPN configuration (server 10.8.0.0
	   255.255.255.0).

			#SOURCE			DEST		PROVIDER	PRIORITY
			-			10.8.0.0/24	main		1000

FILES
       /etc/shorewall/route_rules

SEE ALSO
       http://shorewall.net/MultiISP.html

       shorewall(8), shorewall-accounting(5), shorewall-actions(5),
       shorewall-blacklist(5), shorewall-hosts(5), shorewall-interfaces(5),
       shorewall-ipsec(5), shorewall-maclist(5), shorewall-masq(5),
       shorewall-nat(5), shorewall-netmap(5), shorewall-params(5),
       shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5),
       shorewall-routestopped(5), shorewall-rules(5), shorewall.conf(5),
       shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5),
       shorewall-tos(5), shorewall-tunnels(5), shorewall-zones(5)

NOTES
	1. shorewall-providers
	   shorewall-providers.html

				  09/05/2009		SHOREWALL-ROUTE_RUL(5)

Vote for polarhome