Welcome, Guest. Please login or register.
Did you miss your activation email?
Saturday 28 December 2024, 04:34:58 pm

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14262 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Development
| |-+  EFW Wishlist
| | |-+  Gateway out of the network segment
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Gateway out of the network segment  (Read 17641 times)
tharude
Jr. Member
*
Offline Offline

Posts: 1


« on: Thursday 22 November 2007, 08:17:29 am »

Hi all,

Today i gave a try on 2.2-Beta1. A lot of work seems to be done with multiple uplinks.
But there was one thing missing. I hope that you'll agree with me on this subject, that
if you ever need to put a gateway out of your network segment, it is impossible to be
done. It will be nice if there is opportunity to add a single host in your routing
table and put it as gateway after that. Something like:

step one:

route add -host 192.168.1.254 eth3

step two:

ping the interface to see if it is  

step three:

route add default gw 192.168.1.254

When i've tried to make this by hand, all i've seen in the logs is that gw is out of my
network segment and since it can't be pinged it went immediately down.

Since it is still Beta, it will be really nice to see such an option in the release.

Another thing came up in to my mind, all the time spent to play with MANGLE table with squid enabled was not totaly wasted. One thing i can advice, when you mark a packet e.g. 0xc8 and want to route it via certain uplink interface you must add by hand in your squid.conf the following:

tcp_outgoing_tos 0xc8
tcp_outgoing_address 192.168.0.2

killall -9 squid & /usr/sbin/squid -D

so the packet can be properly masked and routed via pointed interface. Any idea how to acheive this automatically?

Best regards!
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.063 seconds with 21 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com