Looks like firewall rejecting DNS requests from 10.0.3.152 to Google DNS, maybe because a WAN is down.
You may create a rule from 10.0.3.152 to 220.127.116.11 port 53 but it’s strange that DNS is forbidden.
Another method would be to try to setup multiwan again following the docs step by step. Maybe some step was missing.
You may also provide the output of
shorewall show routing
db networks show
I hoped to see it in the firewall logs…
You still have the setup we talked about here?
If yes, I still don’t think that you need multiwan, just two green zones so no problem with WANs going down…