similar to: Routing based on fwmark

hi I have trying to remove the extra rules from my routing tables, however with no luck Also I want to know these duplicate entries have an effect on packets going routed? I have this overwhelming rules lists from my predessor who added the "ip rule add fwmark" entries in firewall script, and on each run of firewall script its creates an extra entry in routing table. Now what I want to

Hi... I have installed ip route 2 package on Linux kernel 2.4.25 I am using 2 tables: ################################### ebox:100.254~# ip route list table ALTER default via 192.168.100.253 dev br0 ebox:100.254~# ip route list table main 10.0.0.254 dev ppp0 proto kernel scope link src 10.0.0.1 192.168.100.0/24 dev br0 proto kernel scope link src 192.168.100.254 192.168.100.0/24 dev

hi thanks for your reply heh "Example: ip del rule pref 32742" is syntically wrong :) and when i tried "ip rule del 32742" it gives me error # ip rule del 32742 Error: argument "32742" is wrong: Failed to parse rule type so how to get get of these extra rules? 0: from all lookup local 32742: from all fwmark 0x2 lookup squid.out 32743: from all fwmark 0x2

Hi all! I''ve got 2 (soon 3) internet connection. 1 - via ADSL, 2(and3) via ppp My network: http://desima.objectis.net/network-diag linux1: user1.user2 eth0=192.168.1.1 ppp0=192.168.5.2( gw 192.168.5.1) gw=192.168.1.2 ( thru ADSL) compA=192.168.1.6 compB=192.168.1.15 gw2=192.168.1.217 via ppp to different ISP All works for compA and CompB, user1 should use default gw(192.168.1.2)

Hi all, I need to route local generated packages depending on which tcp or udp service I need to use. To accomplish this I have configured two routing tables: [root at lothlorien ~]# ip ru ls 0: from all lookup 255 32762: from all fwmark 0x2 lookup FirstLan 32763: from all fwmark 0x1 lookup SecondLan 32764: from 172.25.80.10 lookup SecondLan 32765: from 172.25.70.18 lookup FirstLan

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi! I''ve setup some routing tables, but how can I delete them? currently it looks like that, but how I delete the tables stuebi and notebook and how the entry in the main table. thx for your help. Babylon5:~# ip rule ls 0: from all lookup local 32759: from 10.149.19.168 lookup stuebi 32760: from 10.149.17.72 lookup stuebi 32761:

Hello newsgroup, I hope somebody with more routing experience then me can help me with the problem I have. The setup is as described below. A dual internet provider routing, multiple local area networks, and a dmz network with one public and one private ip range. I followed the instructions at lartc.org, and so far everything is working. The default route is via

Could someone comment on the benefits of using CLASSIFY vs fwmark (or vice versa) in iptables? I''m getting ready to implement some basic tc for VoIP and most of the examples seem to use the (older?) fwmark syntax. Should I convert these to CLASSIFY? Can the two syntaxes be mixed? Also with U32? TIA, Edwin -- <=+=+=+==+=+=+==+=+=+=+=+=+=+=+=> Edwin Whitelaw, P.E. New River

Hello! This arguments never run on my system, but I need this: #!/bin/bash -x echo "1" iptables -t mangle -p tcp -d 0/0 --dport 80 -j MARK --set-mark 2 echo "2" echo "201 T1" >> /etc/iproute2/rt_tables echo "3" ip rule add fwmark 2 table T1 echo "4" ip route add default via 192.168.21.2 dev eth1 table T1 echo "5" ip route

We currently use iptables, matching packets based on IP address and marking them with an ID. Multiple IP addresses can be marked with the same ID. We then filter based on the ID. We have close to 2000 filters now and I''m looking into hashing tables. Is there any way to create a hashing filter based on the fwmark? Paul C. Diem PCDiem@FoxValley.net

Hello, LARTC mailing readers, I hope u can help with this mysterious issue i''m having with my linux box acting as a router. Scenario: Linux running 2.6.8.1 /w julians patches Latest iproute (iproute2-ss040702) 4 NICS ----------------- | x eth0 (63.43.x.x) network mask (255.255.240.0) | | x eth1 (63.43.x.x)

Hello, LARTC mailing readers, I hope u can help with this mysterious issue i''m having with my linux box acting as a router. Scenario: Linux running 2.6.8.1 /w julians patches /w support for multipath routing Latest iproute (iproute2-ss040702) 4 NICS ----------------- | x eth0 (63.43.x.x) network mask (255.255.240.0) | |

Hi, I have a computer which is used as router/firewall/VPN with four network card. One connected on the LAN (br0, 10.0.0.0/24), the three others to three different ISP, eth0 192.168.1.0/29, eth1 192.168.0.0/24, eth2 192.168.2.0/29. This computer is under Linux 2.6.11 with the Julian Anastasov routes patch. The configuration by default is to balance the load on the three interfaces. Then, I

Hi! There is one thing I can''t do. In my country we have to pay for "foreign" internet. Local internet is cheap and fast, but foreign is slow and expensive. So I want do following: mark every packet with iptables, where --set-mark 1 for foreign internet, but --set-mark 2 for local internet next when I got all traffic marking, I need to assign traffic to users so I make

Hi everybody, I''m trying to set up routing for 2 links to the internet on a box which produces traffic itself (e.g. DNS) and will route all our local traffic. AS one route is quick and expensive and the other one slow and cheap, I want to be able to route packets for some high-level protocols to the second link. If I correctly understood table 3-2 in

Hi guys, I''m not sure where to post for help on this one, shorewall or lvs, I''ll start with shorewall (only cause Tom is a gun at this stuff, and is polite enough to tell me to bugger off to the LVS list if I''m posting in the wrong one ;) I have a single box that is my router/firewall/LVS. Internet -- eth0 - router/firewall - eth1 --- internal lan | eth2

Hello lartc maintainers and users! I have a router with two NICs. One NIC is connected to the Internet and the other to my internal LAN. I made a script for priorizing interactive traffic. The script matches TOS Minimize-Delay for priorizing interactive trafic, and fwmark for metropolitan packets. I have two root classes (simulating two circuits) : 1:1 for internet and 1:3 for metropolitan.

how can I check whether packets are being marked as per my tcrules file? 4 0.0.0.0/0 202.37.230.93 udp 500 4 fw 0.0.0.0/0 udp 500 also can someone confirm what ports are needed to be opened for ipsec? 1701,1723,47,500 ??? P.

I set up this config: +------+ -+ ISP1 +--+ +------+ | +-------+ +--+ linux | +------+ | +-------+ -+ ISP2 +--+ +------+ No problem. Standard setup with two ISP''s. Both routed subnets. Default gateway is ISP1. No magic here. Now I put a server behind the Linux box. I want the server to be reachable on an /extra/ IP in the routed subnet of ISP2. +------+ -+ ISP1

Hi, Reward offered: 50$ (paypal), and I am sure this is a ridiculous thing I have missing. My goal: On a 2 NIC Asterisk box, to send packets that came in Asterisk on NIC1 back to NIC 1, and NIC2 back to NIC 2. (basically, send them back the same way they came from). I have been doing what was recommended to me and mangling packets left and right. I have reached a point where I am