Hello Routing Gurus ;-)

I'd like to know if it's possible to make a routing decision for packets originating from a specific port of the local machine without using ipfilter/iptables to mark the packets. I read about the tc filter stuff but that seems only to be able to sort the packets to a different queue on the same interface and not choose a different interface for example.

Is that at all possible and if yes how?

regards,
_sh_

What's wrong with using iptables to mark the packets? That is what it's for...

- Greg Scott

-----Original Message-----
From: lartc-bounces@mailman.ds9a.nl [mailto:lartc-bounces@mailman.ds9a.nl] On Behalf Of Sebastian Heidl
Sent: Friday, January 06, 2006 8:31 AM
To: lartc@mailman.ds9a.nl
Subject: [LARTC] routing decision based on sorce port

On Fri, 6 Jan 2006 09:16:30 -0600 "Greg Scott" <GregScott@InfraSupportEtc.com> wrote:
> What's wrong with using iptables to mark the packets? That is what it's
> for...

Well, I thought it would be "cleaner" to use the routing tools to do the routing. If that's the "way to do it", fine.

thanks,
_sh_

There is a small, but important issue with outgoing packets policy routing. Locally originating packets don't hit PREROUTING chain of mangle table (http://www.faqs.org/docs/iptables/traversingoftables.html), so you generally can't policy route such traffic.

-- DO4-UANIC

On Sun, 2006-01-08 at 03:04 +0300, Denis Ovsienko wrote:
> There is a small, but important issue with outgoing packets policy
> routing. Locally originating packets don't hit PREROUTING chain of
> mangle table
> (http://www.faqs.org/docs/iptables/traversingoftables.html), so you
> generally can't policy route such traffic.

Hmm, according to a newer version of the iptables tutorial (http://iptables-tutorial.frozentux.net/iptables-tutorial.html) there is another routing decision after the packets traverse the OUTPUT chain of the mangle table. So at least marking the packets should be possible I think.

_sh_

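Added example, not part of any message in the thread: the approach the replies converge on, marking locally generated packets by source port in the mangle OUTPUT chain and selecting a routing table by that mark. The port, mark, table number, gateway and interface are constructed placeholders, and the final masquerade step is an addition that the thread does not discuss.

```shell
#!/bin/sh
# Added example: policy-route locally generated traffic by source port.
# All values are constructed placeholders; override via the environment.
SPORT=${SPORT:-8080}     # local source port to steer
PROTO=${PROTO:-tcp}
MARK=${MARK:-1}          # fwmark value
TABLE=${TABLE:-100}      # routing table number
GW=${GW:-192.0.2.1}      # next hop on the alternate link (documentation range)
DEV=${DEV:-eth1}         # alternate outgoing interface

# Print the four commands in the order they should be applied.
sport_route_cmds() {
    # Local packets never traverse PREROUTING; mark them in mangle/OUTPUT,
    # after which the kernel repeats the routing decision.
    echo "iptables -t mangle -A OUTPUT -p $PROTO --sport $SPORT -j MARK --set-mark $MARK"
    # Marked packets consult a dedicated table ...
    echo "ip rule add fwmark $MARK table $TABLE"
    # ... whose default route leaves via the alternate interface.
    echo "ip route add default via $GW dev $DEV table $TABLE"
    # The source address was chosen by the first routing decision, so
    # rewrite it to the alternate interface's address on the way out.
    echo "iptables -t nat -A POSTROUTING -o $DEV -m mark --mark $MARK -j MASQUERADE"
}

# Apply the commands (needs root), or only show them when DRY_RUN=1.
sport_route_apply() {
    while read -r cmd; do
        if [ "${DRY_RUN:-0}" = 1 ]; then
            echo "+ $cmd"
        else
            $cmd || return 1
        fi
    done <<EOF
$(sport_route_cmds)
EOF
}

# Usage: DRY_RUN=1 sh sport-route.sh apply
if [ "${1:-}" = "apply" ]; then
    sport_route_apply
fi
```

Replies to the steered connection arrive on the alternate interface, so reverse-path filtering (`rp_filter`) on that interface may need to be loosened if they are dropped.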