RE: IPTABLES + IPROUTE2

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi there,

I did try to remove "-o eth0" already but the result is still the same. Any
other possible suggestions?

-----Original Message-----
From: Ramin Dousti [mailto:ramin@xxxxxxxxxxxxxxxxxxxx]
Sent: 24 January 2004 03:05
To: L.Malinov
Cc: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: Re: IPTABLES + IPROUTE2


On Fri, Jan 23, 2004 at 01:44:38PM +0200, L.Malinov wrote:

> Hi there,
>
> I have the following configuration: Local Net with Linux RedHat 9.0 Squid
> proxy server (with one net card) and 2 gateways - router1 and router2. The
> default gateway for everyone including the proxy is router1. I'd like, the
> http request from the local net sent to the proxy to be forwarded to the
> Internet via router2. I'm trying the following configuration:
>
> iptables -A OUTPUT -o eth0 -t mangle -p tcp --dport 80 -j MARK --set-mark
2

A suggestion: remove "-o eth0" from the above.

> echo 202 www.out >> /etc/iproute2/rt_tables
> ip rule add fwmark 2 table www.out
> ip route add default via router2 dev eth0 table www.out
>
> It looks like the packets go through the right chain under iptables and
get
> marked, however after that they still don't get forwarded via router2 but
> router1. What could be wrong in this config and is this possible to
achieve
> at all with the above configuration?
>
> Regards
>
> L.Malinov
>



[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux