I made a script to test if in a moultiple gateway setup all default
connection are up, regardless of the fact that that gateway is the default
gw.
Suppose adsl1 and adsl2 are present, and all traffic goes by default to
adsl1, and you want to test if adsl2 is ok.
1. I use mangles from iptables to mark icmp packets to some test machines
2. I set up a routing table for each adsl
3. I use ''ip rule'' to route marked packets to the gw I am
testing
This works ''almost'' correctly. In some situations I need to
force the src
address with ''ping -I '' becouse the kernel seems to attach the
src address
reguardless of the *real* path that the packet takes.
Under these circumstances the provider refuses to route the packets. Eg:
/10.0.0.1 -> (gw1) 10.0.0.254 (adsl1: table adsl1 w/ default
0.254)
FW
\ 192.168.1.1 -> (gw2) 192.168.1.254 (adsl2: table adsl2 w/ default
1.254)
suppose 10.0.0.254 is the default gateway for table ''main''.
iptables -t mangle -A OUTPUT -d $TEST -p icmp -j MARK --set-mark $MARK
ip rule add fwmark $MARK table adsl2
Now a ping to $TEST would result in icmp packets sent to gw2 *but* with src
10.0.0.254 even thought i used ''src 192.168.1.1'' when setting
the route on
gw2 .
Is it possible that the kernel routine thath attaches the IP to the packet
comes before the ''ip rule'' that looks for the fwmark?
Thanke or the attention
sandro
*:-)
--
Sandro Dentella *:-)
e-mail: sandro@e-den.it
http://www.tksql.org TkSQL Home page - My GPL work