[CLUG-tech] Simple advanced routing

J-P Human jp at unix.co.za
Mon Mar 19 12:37:26 SAST 2007


 

> -----Original Message-----
> From: clug-tech-bounces at clug.org.za 
> [mailto:clug-tech-bounces at clug.org.za] On Behalf Of Izak Burger
> Sent: 17 March 2007 08:49
> To: OSS Technical Questions and Answers
> Subject: Re: [CLUG-tech] Simple advanced routing
> 
> On 3/16/07, J-P Human <jp at unix.co.za> wrote:
> > iptables -A PREROUTING -t mangle -i eth0 -p tcp --dport 22 -j MARK 
> > --set-mark 1
> 
> Incoming traffic on eth0 port 22 is marked.  Not sure that is 
> what you want, that won't work for locally generated traffic. 
>  Perhaps change that to "-o eth0"?
> 
> > Then
> > ip route add default via 192.168.1.2 dev eth0 table IS
> 
> Usually you also need to add a route to 192.168.1.0/24 to 
> that table, so:
> 
> ip route add 192.168.1.0/24 dev eth0 table IS ip route add 
> default via 192.168.1.2 table IS
> 
> >
> > Then
> > ip rule add fwmark 1 table IS
> >


Thanks Izak,

That did the trick.

Regards
J-P Human



More information about the clug-tech mailing list