Re: IPTABLES + IPROUTE2

$IPT -t nat -A PREROUTING -p tcp -d xxx.xxx.xxx.xxx --dport 53 -j DNAT --to-destination xxx.xxx.xxx.xxx:53

It will forward the packet as it is to the destination IP and port. If you
have to change the packet whatsoever, then mangle it.

Klemen Kecman

----- Original Message -----
From: "L.Malinov" <lucho@xxxxxxxxx>
To: <netfilter@xxxxxxxxxxxxxxxxxxx>
Sent: Friday, January 23, 2004 12:44 PM
Subject: IPTABLES + IPROUTE2


> Hi there,
>
> I have the following configuration: Local Net with Linux RedHat 9.0 Squid
> proxy server (with one net card) and 2 gateways - router1 and router2. The
> default gateway for everyone including the proxy is router1. I'd like the
> http request from the local net sent to the proxy to be forwarded to the
> Internet via router2. I'm trying the following configuration:
>
> iptables -A OUTPUT -o eth0 -t mangle -p tcp --dport 80 -j MARK --set-mark 2
> echo 202 www.out >> /etc/iproute2/rt_tables
> ip rule add fwmark 2 table www.out
> ip route add default via router2 dev eth0 table www.out
>
> It looks like the packets go through the right chain under iptables and get
> marked, however after that they still don't get forwarded via router2 but
> router1. What could be wrong in this config and is this possible to achieve
> at all with the above configuration?
>
> Regards
>
> L.Malinov
>
>
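
A small model of the rule-then-table lookup that the quoted `ip rule` / `ip route` commands rely on, added here as an illustration (not code from the thread or from iproute2). The router addresses, the rule priorities, the empty `local` table and the helper names are assumptions; the destinations are constructed.

```python
import ipaddress

# Constructed documentation-range addresses; the thread never states real ones.
ROUTER1, ROUTER2 = "192.0.2.1", "192.0.2.2"

# (priority, fwmark or None for "any packet", table). 32765 is assumed for the
# fwmark rule: "ip rule add" without a preference places it just before main.
RULES = [(0, None, "local"), (32765, 2, "www.out"),
         (32766, None, "main"), (32767, None, "default")]

def make_tables(www_out_has_default=True):
    """Routing tables as the quoted commands would leave them."""
    www_out = [("0.0.0.0/0", ROUTER2)] if www_out_has_default else []
    main = [("192.0.2.0/24", "on-link"), ("0.0.0.0/0", ROUTER1)]
    return {"local": [], "www.out": www_out, "main": main, "default": []}

def lookup_table(routes, dst):
    """Longest-prefix match inside one table; None when nothing matches."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(net), gw) for net, gw in routes]
    hits = [(net, gw) for net, gw in hits if addr in net]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def route(rules, tables, dst, fwmark=0):
    """Walk the rules in priority order and return (table, next hop)."""
    for _prio, mark, table in sorted(rules, key=lambda r: r[0]):
        if mark is not None and mark != fwmark:
            continue  # selector does not match this packet
        gw = lookup_table(tables.get(table, []), dst)
        if gw is not None:
            return table, gw
        # Matching rule, but no route in its table: fall through to next rule.
    return None, None

if __name__ == "__main__":
    web = "203.0.113.10"  # constructed Internet destination
    print("marked  :", route(RULES, make_tables(), web, fwmark=2))
    print("unmarked:", route(RULES, make_tables(), web))
    print("www.out empty:", route(RULES, make_tables(False), web, fwmark=2))
    print("marked, LAN dst:", route(RULES, make_tables(), "192.0.2.50", fwmark=2))
```

The third case shows a matching fwmark rule falling through to `main` when its table holds no usable route. The fourth shows that a table containing only a default route also sends marked, LAN-bound port 80 traffic to router2.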


