similar to: how to remove rules

hi thanks for your reply heh "Example: ip del rule pref 32742" is syntically wrong :) and when i tried "ip rule del 32742" it gives me error # ip rule del 32742 Error: argument "32742" is wrong: Failed to parse rule type so how to get get of these extra rules? 0: from all lookup local 32742: from all fwmark 0x2 lookup squid.out 32743: from all fwmark 0x2

I''m having trouble routing on high fwmarks, I want to use a lot of different marks for 2 routes so that I can QoS based on the marks ip rule looks like this: 0: from all lookup local 32751: from all fwmark 31 lookup dslout 32752: from all fwmark 30 lookup dslout 32753: from all fwmark 29 lookup dslout 32754: from all fwmark 28 lookup dslout 32755: from

Hi... I have installed ip route 2 package on Linux kernel 2.4.25 I am using 2 tables: ################################### ebox:100.254~# ip route list table ALTER default via 192.168.100.253 dev br0 ebox:100.254~# ip route list table main 10.0.0.254 dev ppp0 proto kernel scope link src 10.0.0.1 192.168.100.0/24 dev br0 proto kernel scope link src 192.168.100.254 192.168.100.0/24 dev

Hi all! I try to make port based routing, because a have two connections to the internet. My router is a "one disk floppy router for linux". It is a big router project www.fli4l.de. I try also to make a opt, it is like a plugin for this router. This project uses Kernel 2.2.19 compiled with libc5 (because it is small and you can use one floppy disk). At the moment, iproute2 is not

Hello, everyone! I would like to solve the following problem. Btw, I''m terribly sorry about the pseudo-asciiart, but that''s all I can paint as a tropology. I''m hoping it''ll be enough. ----Internet---- | | | eth0 machine A routing+ipchains eth1 | ------------------ machine B So, given I''m running kernel 2.4.19 and using ipchains

Assuming if I have rules matching the same packet, the one chosen is the lower preference value or the high ? For example # ip rule list .... 100 from 192.168.1.0/24 lookup main 200 from all fwmark 5 lookup first ..... Packet is matching both rules, the one with priority/preference 100 or 200 is selected ? _______________________________________________ LARTC mailing list /

Hi all! I''ve got 2 (soon 3) internet connection. 1 - via ADSL, 2(and3) via ppp My network: http://desima.objectis.net/network-diag linux1: user1.user2 eth0=192.168.1.1 ppp0=192.168.5.2( gw 192.168.5.1) gw=192.168.1.2 ( thru ADSL) compA=192.168.1.6 compB=192.168.1.15 gw2=192.168.1.217 via ppp to different ISP All works for compA and CompB, user1 should use default gw(192.168.1.2)

I have 2 internet connections and i;m trying to use squid as transparent proxy but every time squid is using first internet line but i want to use second internet line . i have this settings and without squid it''s working i have default route on the first internet connection. iptables -t nat -I POSTROUTING -o eth2 -p tcp --dport 80 -s 192.168.0.0/24 -d ! 192.168.0.0/16 -j SNAT --to

Hello all, I need a virtual firewall/router solution. I''m thinking of a netscreen 1000 but I want to know if it can be done in Linux. Here is my idea: 1 Linux box 2 GigE interfaces 1 interface setup with a public IP address ($PUBIP) 1 interface setup with 802.1q VLAN trunking with 100 vlans assigned ($VLAN1-$VLAN100) a /25 subnet routed to $PUBIP from my core routers All $VLAN

Hello all, I am going through the LARTC howto to understand how the iproute2 works. But some concepts like Policy Routing, RPDB etc are not clear to me. I am pretty new to iproute, beeing using route command for long... From what I understand 1. rules (ip rule) tell how to select packets for routing and route (ip route) tell where to route the selected packets. 2. A collection of rules is

Just a quick question... Is there a way to do content based routing (i.e. routing based on a TCP or UDP port) without using iptables, i.e. using the ip command? Thanks Andrew _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Hi all, i am using iptables (1.2.8) + iproute on Slackware 8.0 (i386) working fine, marking packet based in destination port and network and selecting the appropriate route with this marks (i have two links, a 256Kb frame relay and a 512Kb ADSL). Now i change the machine for a Sun Enterprise 250 (Sparc64 with Debian 3.0r1) and iptables works fine (the packets are marked) but iproute

Hi all, I''ve been using shorewall 3 (3.4.8 now) for a while on a simple gateway setup for my office. Routing is enabled only for a few hosts and all user access the internet thru squid, which is running on the shorewall box. I have a few other services on this box and some others on another server, but they don''t matter for what I need. Quick and dirty schematics to illustrate

Hi all, I have a strange setup I am trying to get working. Initally I thought I could set it up by just setting up the correct routes. However after thinking about it I have convinced myself (maybe incorrectly) that I most likely need some sort of advanced NAT/routing setup. Below is a description of the networks involved: Local net (192.168.101.0/24) | | Linux machine eth1

I have a Linux Box with 3 NIC''s connected to 2 different ISP''s running a Proxy (Squid) and E-mail server (QMail). ________ | |-- x.x.x.1 ---- x.x.x.2 (ISP-1 gateway) | Squid | LAN ------- 10.85.1.85 --| | | Qmail |

Hello, I have a Debian-Woody-3.0 Router with 3 NIC''s. Kernelversion 2.4.18 +------------+ +-------------+ | | | | |192.168.1.1 | | 192.168.2.1 | | DSL-Router | | ISDN-Router | +------------+ +-------------+ | |

i''m using one line on eth2 only for web traffic eth1 is my internal line and eth0 is my main line to internet . i''m marking packets like this i have default route on eth0 iptables -t mangle -A PREROUTING -i eth1 -p tcp --dport 80 -j MARK --set-mark 66 iptables -t mangle -A PREROUTING -i eth1 -p tcp --sport 80 -j MARK --set-mark 66 iptables -t mangle -A PREROUTING -i eth1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi! I''ve setup some routing tables, but how can I delete them? currently it looks like that, but how I delete the tables stuebi and notebook and how the entry in the main table. thx for your help. Babylon5:~# ip rule ls 0: from all lookup local 32759: from 10.149.19.168 lookup stuebi 32760: from 10.149.17.72 lookup stuebi 32761:

Background: Thanks to the LARTC howto, this list and Stef Coene''s and devik''s excellent web sites I now have an ethernet bridge (patch bridge-nf.0.0.7) happily prioritising traffic (12Mbit) into 10 queues (9 for IP and 1 for non-IP) using a combination of iptables (fwmark) and htb3 and sfq. Many thanks. At the moment I''m filtering all non-IP traffic by setting the

----- Original Message ----- From: "Jerry Vonau" <jvonau@shaw.ca> To: "Mailing List for Shorewall Users" <shorewall-users@lists.shorewall.net> Sent: Thursday, August 19, 2004 08:06 Subject: Re: [Shorewall-users] Two Links and DNAT > > > > Btw, by "shorewall show nat" I just noticed that I was doing snat only > > for packets comming