similar to: could iproute2 set fwmark?

Hi all! I try to make port based routing, because a have two connections to the internet. My router is a "one disk floppy router for linux". It is a big router project www.fli4l.de. I try also to make a opt, it is like a plugin for this router. This project uses Kernel 2.2.19 compiled with libc5 (because it is small and you can use one floppy disk). At the moment, iproute2 is not

Hi, I am new in LARTC list. I had intermediate skills in networking. What I tried to do: Use 2 links with loadsharing + falt toletant (to add bandwitdh) ok ! I am use Debian Etch in router/fw With kernel debian default + routes-2.6.17-12.diff patch The Problem: The iproute2 just route thought the last gateway of nexthop rule. I was running tcpdump in 2 terminals, tcpdump -nni eth0 ...

Hello all, I am working with kernel 2.2.20 with the necessary options configured into the kernel to support all of the wonderfully fancy routing features: - routing based on ToS - routing based on fwmark - multiple routing tables This same kernel is in use elsewhere, and is routing based on fwmark with success. This leads me to believe that my kernel is OK and that I have another

Hi list, I''m new to this list, I just subscribed because I have some ackward about IPRoute2. First, while playing with NetFilter'' "MARK" target, I met a weird behaviour once I tried to use this marks in the RPDB : the packets where successfully marked, but it seemed that RPDB didn''t succed in matching them (for those who already know the answer, I only used

Hi guys, i have a problem with a configuration what i''m trying to do. I have two computers with linux, A and B, connected in the same network with this configuration: PC1 A: 192.168.192.1 PC2 B: 192.168.192.30 The PC1 A is a firewall doing nat... this one is connected to the internet via an adsl modem and of course it have its own public ip , and the router B is a smtp server but

Hi all, I have 2 ISPs on a Linux router and a local network with one Linux server and many windows. The local network is masqueraded. I want to give access to port 25 and 80 of my server from any incoming request (i.e. from my 2 ISP). I have made a DNAT translation, witch work but the outgoing answers are not routed correctly. Of course, the de-SNAT process is done before the routing process. So

Hello! This arguments never run on my system, but I need this: #!/bin/bash -x echo "1" iptables -t mangle -p tcp -d 0/0 --dport 80 -j MARK --set-mark 2 echo "2" echo "201 T1" >> /etc/iproute2/rt_tables echo "3" ip rule add fwmark 2 table T1 echo "4" ip route add default via 192.168.21.2 dev eth1 table T1 echo "5" ip route

This is an update to the iproute2 command set. It can be downloaded from: http://developer.osdl.org/dev/iproute2/download/iproute2-2.6.18-061214.tar.gz Repository: git://git.kernel.org/pub/scm/linux/kernel/git/shemminger/iproute2.git For more info on iproute2 see: http://linux-net.osdl.org/index.php/Iproute2 The version number includes the kernel version to denote what features are

There is an new version of iproute2 for testing. http://developer.osdl.org/dev/iproute2/download/iproute2-2.6.10-ss050112.tar.gz Mostly simple merges, but could have some issues. Jamal did I get everything you sent? [Masahide Nakamura] ipmonitor shows IPv6 prefix list notification update to iproute2 xfrm for ipv6 [Stephen Hemminger] fix compile warnings when building 64bit system

Hi all, i have a problem i have this topology 192.168.1.7 GW 192.168.2.252 link 1 ------------------------------------ link 2 | | eth1 PROXY eth0 192.168.1.245 192.168.2.245 The default gw of the PROXY is 192.168.1.7 and the link2 is a Secondary link that i need to go out to internet!!!! My internal IP of the network is

Suppose: ipchains -A forward -s inside_net -d 0/0 -j MASQ -m 100 (similar setup with iptables: iptables -A PREROUTING -t nat -s inside_net -d 0/0 -j SNAT iptables -A PREROUTING -t nat -s inside_net -d 0/0 -j MARK --set_mark 100) eth0 = outside iface eth1 = inside iface now: tc filter add dev eth0 ... handle 100 fw should catch packets marked by the above rule in ipchains (iptables). Ok. When

Hi, I''m having an issue with changing the source address of packets origininating from a specific user using a combination of iptables and iproute2. We want to change packets originating from a specific service so that they originate from that service''s IP address, so that we can move it to a different physical server and have the packets appear to come from the same

Hi there, I got the solution for my problem, and thought may at someday somebody could use it. Julian Anastasov and some people from the LVS mailing list helped me with it. --- Subject: Re: LVS and CBQ Date: Tue, 10 Oct 2000 22:53:01 +0000 (GMT) From: Julian Anastasov <ja@ssi.bg> To: joern maier <joern.maier@informatik.uni-ulm.de> CC:

Hi I have a strange problem. I have a firewall with 3 nics. 1 - lan 2 - leased line or diginet 3 - connected to adsl modem I have 2 tables in defined in /etc/iproute2/rt_tables: 200 diginet 201 adsl The ADSL modem has an IP of 192.168.0.1 and is configured to initiate the PPPOE connection. I can mark packets within the network destined for port 80 successfully: ip ro add default via x.x.x.x

I would like to route ssh in my network via DSL2 and all other trafic via DSL1. So far I menaged to do it for LAN2 but there are still WLAN1,LAN3 and LAN1 to go. On all routers I added table "pilicka" with rule for fwmark and I fwmarked ssh. # ip rule show 0: from all lookup local 32765: from all fwmark 0x3 lookup pilicka 32766: from all lookup main 32767: from all lookup

hi, Im tryig to use two isp links get worked: first isp 212.122.xx.254 (gw) second isp 10.10.xx.2 (gw) my ip1 212.122.xx.90 (eth0) my ip2 10.10.xx.254 (eth1) internal network my ip 192.168.1.254 (eth2) turn on masquerading on both links: $IPTABLES -t nat -A POSTROUTING -o eth0 -j SNAT --to 212.122.xx.90 $IPTABLES -t nat -A POSTROUTING -o eth1 -j SNAT --to 10.10.xx.2 mark packets on 6667

Hello, I have tested a simple thing in two version of Linux and there was a problem when I have used fwmark as a selector for rule lookups. As you can see below on the Slack, the <test> table doesn''t have any label about fwmark. Is there an iproute problem? -------------------------------------- # cat /etc/fedora-release Fedora Core release 2 (Tettnang) # uname -r 2.6.5-1.358 #

Hi guys im trying to make a port redirecction using iproute together with iptables mangle option .. but for some strange reason is not working yet, I know i can do it in a diferent way, but the idea is using packet marking and redirect the packets with a rule. I have two computers PC1 and PC2 PC1: 192.168.0.1 this is the one connected to internet, and this machine make the redirection PC2:

Hello guys, I am still in doubt about this kind of server. So my question is about the "prio" at routing tables like: I have 3 tables in /etc/iproute2/rt_tables: 201 201 202 202 222 222 In table 201 there is the rules about my internet link (frame relay) that comes into eth0. So I made this route into it: [root@ns2 iproute2]# ip route show table 201 default via

I've managed to configure a LVS Cluster to act as a transparent proxy squid farm, with a virtual server as load balancer, and three real servers. Because redirecting packets going to port 80 to port 3128 of squid in the load balancer doesn't works, the solution has a mix of ip route and iptables. Here is the script I wrote to configure transparent proxy. #!/bin/bash #Transparent proxy