Folks,
I do apologize for asking this again, but I have ended all my resistance
and thinking resources trying to solve this (yet simple) problem. Maybe
one of you could help me to figure out what I am doing wrong.
I have a Linux box which receives two Cable links. Link A (gateway
10.11.0.1 does not allow SMTP traffic to flow). Link B (has a valid IP.
This host is our SMTP and DNS server and all traffic is allowed).
What I am trying to do: all traffic generated inside our network should
go out through link A. Because of the previous restrictions, however,
SMTP traffic should follow link B instead. All outside traffic should
arrive from (and go back through) link B.
My topology is as follows:
(10.11.0.1) Link A --------| eth2
                           |   -----------    eth0     ---------
                           -- |Router/SMTP|-----------|Intranet |
                           |   -----------             ---------
                           | eth1
(ww.xx.y.z) Link B---------|
What I was trying to implement as solution: I have created an
alternative routing table whose default route is ww.xx.y.z and name is
mail. My main routing table's default route is 10.11.0.1.
Then I decided to mark all outgoing SMTP packets with fwmark 1 (marked
using iptables). I've marked them like this:
iptables -t mangle -A OUTPUT -p tcp --dport 25 -j MARK --set-mark 1
I have, then, added a rule pointing to alternative routing table:
ip rule add priority 15000 fwmark 1 table mail
I have flushed routing cache with:
ip route flush cache
And have generated some traffic trying to telnet port 25 of an external
route from the router/SMTP (see picture above).
Sniffing the network showed me that packets have exited with source address
10.11.0.1, which means my setup is completely useless.
Just for the records, I am using v1.2.5 in a Debian (woody) with kernel
2.4.18 (only HTB patch).
Any help would be very welcome.
Thank you in advance for your time.
--
Sellaro
Agente Livre - Linux Community (www.agentelivre.org)
PGP Key ID: 3ADF8645
PGP Key Fingerprint: 6AB0 D60B 69B5 B3F9 4553 2242 A1D0 17C0 3ADF 8645