This is half true.
Depending on the application or the way that the network traffic is
flowing, you could use some iptables rules to mark a connection, for
example by the source MAC address of new connections, which would be a
specific router, and by that mark the connection, then at the routing
level decide which default gateway to use for this specific connection.
You can take a look at an example that I wrote and modify it to use a
MAC address match instead of NFQUEUE at:
http://wiki.squid-cache.org/EliezerCroitoru/Drafts/MwanLB#iptables_rules_example
The idea is that you mark a new connection from a specific router with a
unique mark and then restore the connection mark to force a specific
routing table on this mark (i.e. connection).
Hope it Helps,
Eliezer
On 25/12/2015 22:28, Paul R. Ganci wrote:
> On 12/25/2015 12:44 PM, Joey wrote:
>>
>> I have a server with 2 public IPs on 2 devices.
>>
>> I want the replies to incoming traffic not to use the default
>> gateway. Incoming traffic should be answered using the gateway of the
>> incoming device.
>>
>> Could I realize this with firewalld? Or directly with iptables?
>
> No you can not do that via firewalld or iptables. The problem is you
> have to tell the packets to go out the proper interface which must be
> done via routing tables. For that purpose you need ip route. I suggest
> you take a look at
>
> https://kindlund.wordpress.com/2007/11/19/configuring-multiple-default-routes-in-linux/
>
> This link provides a very thorough description of what must be done.
>
> Just a warning is that you will want your routing tables to be
> maintained across system boots. I put my routes for my bridged
> interfaces into:
>
> /etc/sysconfig/network-scripts/route-br1
> /etc/sysconfig/network-scripts/route-br2
>
> You can put your routes into similar files... just replace the br1/br2
> with your appropriate interface names.
>
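
The marking scheme described at the top of this message (mark new connections by the upstream router's source MAC, restore the mark on replies, route by mark), as an added example that is not part of the original thread or of the linked wiki page. The MAC addresses, gateways, interface names, mark values and table numbers are constructed, and the function names are hypothetical; the script only prints the commands unless APPLY=1 is set.

```shell
#!/bin/sh
# Constructed values throughout: MACs, gateways, devices, marks, table ids.
# Dry run by default (prints commands); APPLY=1 as root executes them.
run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else printf '%s\n' "$*"; fi
}

# uplink_rules MARK ROUTER_MAC GATEWAY DEV TABLE
# Emits the per-uplink rules: connmark on NEW, routing table, fwmark rule.
uplink_rules() {
    mark=$1; mac=$2; gw=$3; dev=$4; table=$5
    # Mark 0 means "unmarked", so it can never select a table.
    case $mark in
        ''|0|*[!0-9]*) echo "bad mark: $mark" >&2; return 1 ;;
    esac
    # Reject malformed MACs before they become a rule that never matches.
    printf '%s\n' "$mac" | grep -Eiq '^([0-9a-f]{2}:){5}[0-9a-f]{2}$' ||
        { echo "bad MAC: $mac" >&2; return 1; }
    # New connection arriving from this router: remember the uplink in conntrack.
    run iptables -t mangle -A PREROUTING -i "$dev" -m conntrack --ctstate NEW \
        -m mac --mac-source "$mac" -j CONNMARK --set-mark "$mark"
    # Routing table whose only default route is this uplink's gateway.
    run ip route replace default via "$gw" dev "$dev" table "$table"
    # Packets carrying the mark are routed with that table.
    run ip rule add fwmark "$mark" table "$table"
}

# Locally generated replies: copy the connection mark onto each packet in
# mangle/OUTPUT so the routing decision is redone with the fwmark rule.
restore_rule() {
    run iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark
}

restore_rule
uplink_rules 1 02:00:00:00:00:01 192.0.2.1    eth0 101
uplink_rules 2 02:00:00:00:00:02 198.51.100.1 eth1 102
```

Traffic that arrives from any other MAC stays unmarked and keeps using the main routing table.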