Last week, me and @giacomo spent some time working on a new configuration for the multi-wan monitoring.
The basic change is that now the “ping IP” (AKA check IP) is global and you don’t need to input one IP for every connection. This also permits to delete the code that tries to auto-detect the right IP.
And we can delete the static routes too.
We did a short and simple test, it worked fine.
Now we’re waiting to see if shorewall will implement the needed modifications.
Here’s the shorewall-users mailing list thread for reference:
Meanwhile, if someone is interested in testing the new implementation, feel free to ask here.