File: route_rules

package info (click to toggle)
shorewall 3.2.6-2
  • links: PTS
  • area: main
  • in suites: etch, etch-m68k
  • size: 1,508 kB
  • ctags: 288
  • sloc: sh: 12,774; makefile: 66
file content (70 lines) | stat: -rw-r--r-- 2,418 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
 
#
# Shorewall version 3.2 - route_rules File
#
# /etc/shorewall/route_rules
#
#	Entries in this file cause traffic to be routed to one of the
#	providers listed in /etc/shorewall/providers.
#
#	Columns are:
#
#		SOURCE(optional)
#				An ip address (network or host) that
#				matches the source IP address in a packet.
#				May also be specified as an interface
#				name optionally followed by ":" and an
#				address. If the device 'lo' is specified,
#				the packet must originate from the firewall
#				itself.
#
#		DEST(optional)  An ip address (network or host) that
#				matches the destination IP address in a packet.
#
#				If you choose to omit either SOURCE or DEST,
#				place "-" in that column. Note that you
#				may not omit both SOURCE and DEST.
#
#		PROVIDER        The provider to route the traffic through.
#				May be expressed either as the provider name
#				or the provider number. May also be 'main'
#				or 254 for the main routing table. This can
#				be used in combination with VPN tunnels, see
#				example 2 below.
#
#		PRIORITY
#				The rule's priority which determines the order
#				in which the rules are processed.
#
#				1000-1999   Before Shorewall-generated
#					    'MARK' rules
#
#				11000- 11999 After 'MARK' rules but before
#					    Shorewall-generated rules for
#					    ISP interfaces.
#
#				26000-26999 After ISP interface rules but
#					    before 'default' rule.
#
#				Rules with equal priority are applied in
#				the order in which they appear in the file.
#
# Example 1: You want all traffic coming in on eth1 to be routed to the ISP1
#          provider:
#
#	#SOURCE			DEST		PROVIDER	PRIORITY
#	eth1	    		-		ISP1		1000
#
# Example 2: You use OpenVPN (routed setup /tunX) in combination with multiple
#            providers. In this case you have to set up a rule to ensure that
#            the OpenVPN traffic is routed back through the tunX interface(s)
#            rather than through any of the providers. 10.8.0.0/24 is the
#            subnet choosen in your OpenVPN configuration (server 10.8.0.0
#            255.255.255.0)
#
#	#SOURCE			DEST		PROVIDER	PRIORITY
#	-	    		10.8.0.0/24	main		1000
#
# For additional information, see http://www.shorewall.net/MultiISP.html
##############################################################################
#SOURCE			DEST			PROVIDER	PRIORITY
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE