Though not to distract from Fedora, if you have a complex firewall setup, why not just use something like pfSense? HA, uses multiple ISP links, nice GUI, free, BSD
> On Oct 25, 2014, at 2:13 AM, Bill Shirley <bshir...@memphis.apirx.biz> wrote:
>
>> On 10/24/2014 11:45 AM, Bill Davidsen wrote:
>> I have a complex firewall setup running on an older version of Fedora, and
>> I'd like to upgrade to RHEL7 or recent Fedora. Unfortunately, I can't really
>> do what I need using firewalld, so two questions:
>>
>> 1 - has anyone done this and were there any serious gotchas?
>>
>> 2 - is it as easy as removing firewalld and installing networkmanager with
>> yum?
>>
>> This setup uses two (soon three) ISP connections, any of which can be used
>> as default, two secure internal networks, and one DMZ for servers. Some
>> connections must be forced out via a defined ISP, and since Linux doesn't
>> source route like BSD, I can't just set the source IP and have the packet go
>> out the right interface, hoops must be jumped.
>>
>> Any experience to share?
> For source routing:
> Add an entry to /etc/iproute2/rt_tables:
> 1000 Comcast_ip1
>
> then (where 192.0.2.1 is the gateway and 192.0.2.2 is your IP address):
> # ip route add table Comcast_ip1 default via 192.0.2.1 dev eth1
> # ip rule add priority 2000 from 192.0.2.2 table Comcast_ip1
>
> Adjust to suit your needs.
>
> Bill
>
> --
> users mailing list
> users@lists.fedoraproject.org
> To unsubscribe or change subscription options:
> https://admin.fedoraproject.org/mailman/listinfo/users
> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
> Have a question? Ask away: http://ask.fedoraproject.org
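The source-routing recipe quoted above, generalised to several uplinks, as an added example that is not part of the original thread. It is a dry-run generator that only prints commands; the second uplink (`ISP2`, `eth2`, 198.51.100.x), the priority step of 10 and the 203.0.113.1 test destination are constructed assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). Prints the rt_tables entry and the
# ip commands for each uplink; it does not change any routing state itself.
# stdin lines: <table_id> <table_name> <device> <gateway> <source_ip>
# Optional argument: priority of the first rule (default 2000, as in the reply).

policy_route_cmds() {
    prio=${1:-2000}
    while read -r id name dev gw src; do
        case "$id" in ''|\#*) continue ;; esac      # skip blank and comment lines
        case "$id" in
            *[!0-9]*) echo "error: table id '$id' is not numeric" >&2; return 1 ;;
        esac
        # 0, 253, 254 and 255 are the kernel's unspec/default/main/local tables.
        case "$id" in
            0|253|254|255) echo "error: table id $id is reserved" >&2; return 1 ;;
        esac
        # The rule must sort before the built-in "main" rule (priority 32766),
        # otherwise main's default route answers the lookup first.
        if [ "$prio" -ge 32766 ]; then
            echo "error: rule priority $prio does not precede main" >&2; return 1
        fi
        echo "echo '$id $name' >> /etc/iproute2/rt_tables"
        echo "ip route add table $name default via $gw dev $dev"
        echo "ip rule add priority $prio from $src table $name"
        # Check to run afterwards: the lookup should report "dev $dev".
        echo "ip route get 203.0.113.1 from $src"
        prio=$((prio + 10))
    done
}

# Constructed sample input: the uplink from the reply plus one hypothetical ISP.
sample_uplinks() {
    cat <<'EOF'
# id   name         dev   gateway       source
1000   Comcast_ip1  eth1  192.0.2.1     192.0.2.2
1001   ISP2         eth2  198.51.100.1  198.51.100.2
EOF
}

sample_uplinks | policy_route_cmds
```

Review the printed commands before running them as root; the per-uplink tables hold only a default route, so traffic to directly connected networks still depends on the main table unless matching routes are added.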