'\" t
.\" Title: shorewall6-rtrules
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1
.\" Date: 10/19/2014
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
.TH "SHOREWALL6\-RTRULES" "5" "10/19/2014" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
rtrules \- Shorewall6 Routing Rules file
.SH "SYNOPSIS"
.HP \w'\fB/etc/shorewall6/rtrules\fR\ 'u
\fB/etc/shorewall6/rtrules\fR
.SH "DESCRIPTION"
.PP
Entries in this file cause traffic to be routed to one of the providers listed in
\m[blue]\fBshorewall6\-providers\fR\m[]\&\s-2\u[1]\d\s+2(5)\&.
.PP
The columns in the file are as follows\&.
.PP
\fBSOURCE\fR (Optional) \- {\fB\-\fR|\fIinterface\fR|\fIaddress\fR|\fIinterface\fR:\fI
}
.RS 4
An ip
\fIaddress\fR
(network or host) that matches the source IP address in a packet\&. May also be specified as an
\fIinterface\fR
name optionally followed by ":" and an address\&. If the device
\fBlo\fR
is specified, the packet must originate from the firewall itself\&.
.sp
Beginning with Shorewall 4\&.5\&.0, you may specify &\fIinterface\fR
in this column to indicate that the source is the primary IP address of the named interface\&.
.RE
.PP
\fBDEST\fR (Optional) \- {\fB\-\fR|\fIaddress\fR}
.RS 4
An ip address (network or host) that matches the destination IP address in a packet\&.
.sp
If you choose to omit either
\fBSOURCE\fR
or
\fBDEST\fR, place "\-" in that column\&. Note that you may not omit both
\fBSOURCE\fR
and
\fBDEST\fR\&.
.RE
.PP
\fBPROVIDER\fR \- {\fIprovider\-name\fR|\fIprovider\-number\fR|\fBmain\fR}
.RS 4
The provider to route the traffic through\&. May be expressed either as the provider name or the provider number\&. May also be
\fBmain\fR
or 254 for the main routing table\&. This can be used in combination with VPN tunnels, see example 2 below\&.
.RE
.PP
\fBPRIORITY\fR \- \fIpriority\fR
.RS 4
The rule\*(Aqs numeric
\fIpriority\fR
which determines the order in which the rules are processed\&. Rules with equal priority are applied in the order in which they appear in the file\&.
.PP
1000\-1999
.RS 4
Before Shorewall6\-generated \*(AqMARK\*(Aq rules
.RE
.PP
11000\-11999
.RS 4
After \*(AqMARK\*(Aq rules but before Shorewall6\-generated rules for ISP interfaces\&.
.RE
.PP
26000\-26999
.RS 4
After ISP interface rules but before \*(Aqdefault\*(Aq rule\&.
.RE
.RE
.PP
\fBMARK \- {\-|\fR\fB\fImark\fR\fR\fB[/\fR\fB\fImask\fR\fR\fB]}\fR
.RS 4
Optional \-\- added in Shorewall 4\&.4\&.25\&. For this rule to be applied to a packet, the packet\*(Aqs mark value must match the
\fImark\fR
when logically anded with the
\fImask\fR\&. If a
\fImask\fR
is not supplied, Shorewall supplies a suitable provider mask\&.
.RE
.SH "EXAMPLES"
.PP
Example 1:
.RS 4
You want all traffic coming in on eth1 to be routed to the ISP1 provider\&.
.sp
.if n \{\
.RS 4
.\}
.nf
#SOURCE DEST PROVIDER PRIORITY MASK
eth1 \- ISP1 1000
.fi
.if n \{\
.RE
.\}
.RE
.SH "FILES"
.PP
/etc/shorewall6/rtrules
.SH "SEE ALSO"
.PP
\m[blue]\fBhttp://www\&.shorewall\&.net/MultiISP\&.html\fR\m[]\&\s-2\u[2]\d\s+2
.PP
shorewall6(8), shorewall6\-accounting(5), shorewall6\-actions(5), shorewall6\-blacklist(5), shorewall6\-hosts(5), shorewall6\-interfaces(5), shorewall6\-maclist(5), shorewall6\-netmap(5),shorewall6\-params(5), shorewall6\-policy(5), shorewall6\-providers(5), shorewall6\-routestopped(5), shorewall6\-rules(5), shorewall6\&.conf(5), shorewall6\-secmarks(5), shorewall6\-tcclasses(5), shorewall6\-tcdevices(5), shorewall6\-mangle(5), shorewall6\-tos(5), shorewall6\-tunnels(5), shorewall6\-zones(5)
.SH "NOTES"
.IP " 1." 4
shorewall6-providers
.RS 4
\%http://www.shorewall.net/manpages6/shorewall6-providers.html
.RE
.IP " 2." 4
http://www.shorewall.net/MultiISP.html
.RS 4
\%http://www.shorewall.net/MultiISP.html
.RE