SHOREWALL6-RTRULES(5) [FIXME: manual] SHOREWALL6-RTRULES(5)NAME
rtrules - Shorewall6 Routing Rules file
SYNOPSIS
/etc/shorewall6/rtrules
DESCRIPTION
Entries in this file cause traffic to be routed to one of the providers
listed in shorewall6-providers[1](5).
The columns in the file are as follows.
SOURCE (Optional) - {-|interface|address|interface:<address>}
An ip address (network or host) that matches the source IP address
in a packet. May also be specified as an interface name optionally
followed by ":" and an address. If the device lo is specified, the
packet must originate from the firewall itself.
Beginning with Shorewall 4.5.0, you may specify &interface in this
column to indicate that the source is the primary IP address of the
named interface.
DEST (Optional) - {-|address}
An ip address (network or host) that matches the destination IP
address in a packet.
If you choose to omit either SOURCE or DEST, place "-" in that
column. Note that you may not omit both SOURCE and DEST.
PROVIDER - {provider-name|provider-number|main}
The provider to route the traffic through. May be expressed either
as the provider name or the provider number. May also be main or
254 for the main routing table. This can be used in combination
with VPN tunnels, see example 2 below.
PRIORITY - priority
The rule's numeric priority which determines the order in which the
rules are processed. Rules with equal priority are applied in the
order in which they appear in the file.
1000-1999
Before Shorewall6-generated 'MARK' rules
11000-11999
After 'MARK' rules but before Shorewall6-generated rules for
ISP interfaces.
26000-26999
After ISP interface rules but before 'default' rule.
MARK - {-|mark[/mask]}
Optional -- added in Shorewall 4.4.25. For this rule to be applied
to a packet, the packet's mark value must match the mark when
logically anded with the mask. If a mask is not supplied, Shorewall
supplies a suitable provider mask.
EXAMPLES
Example 1:
You want all traffic coming in on eth1 to be routed to the ISP1
provider.
#SOURCE DEST PROVIDER PRIORITY MASK
eth1 - ISP1 1000
FILES
/etc/shorewall6/rtrules
SEE ALSO
http://shorewall.net/MultiISP.html
shorewall6(8), shorewall6-accounting(5), shorewall6-actions(5),
shorewall6-blacklist(5), shorewall6-hosts(5), shorewall6-interfaces(5),
shorewall6-maclist(5), shorewall6-netmap(5),shorewall6-params(5),
shorewall6-policy(5), shorewall6-providers(5),
shorewall6-routestopped(5), shorewall6-rules(5), shorewall6.conf(5),
shorewall6-secmarks(5), shorewall6-tcclasses(5),
shorewall6-tcdevices(5), shorewall6-tcrules(5), shorewall6-tos(5),
shorewall6-tunnels(5), shorewall6-zones(5)NOTES
1. shorewall6-providers
http://www.shorewall.net/manpages6/shorewall6-providers.html
[FIXME: source] 12/19/2013 SHOREWALL6-RTRULES(5)