[Shorewall-users] Routing subnet across 2 interfaces

Tom Eastep teastep at shorewall.net
Sun Aug 17 18:34:12 PDT 2003


On Sun, 17 Aug 2003 17:23:54 -0700 (Pacific Daylight Time), Tom Eastep 
<teastep at shorewall.net> wrote:

> On Mon, 18 Aug 2003, Jon Booth wrote:
>
>> Is this possible?
>>
>> I would like to enable routing from eth2 to eth1 for a certain subnet.
>>
>
> Not easy -- but you can enable access from eth2 to eth1 for a certain
> subnet.

What I'm saying here is that conditional routing isn't easy (and is only 
vaguely related to Shorewall. To do conditional routing, you must set up 
multiple routing tables then create rules to use packets from some hosts to 
use an alternate table. Shorewall can be used to mark the packets for later 
assignment to a routing table).

But Shorewall has facilities for permitting connections conditionally 
between interfaces; which is what I think you want.

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net


More information about the Shorewall-users mailing list