From mboxrd@z Thu Jan 1 00:00:00 1970
From: "Remus"
Date: Wed, 06 Apr 2005 10:51:16 +0000
Subject: [LARTC] UDP port 1194 marking/routing problem
Message-Id: <0b6701c53a96$8ef69fc0$6e69690a@RIMAS>
To: lartc@vger.kernel.org

Hi folks,

I have OpenVPN (respect for its developers) running on my FW.
It has two external NICs and on internal everything is fine, except
I want OpenVPN (UDP port 1194) going not via default route/network interface.

I use such commands:

iptables -t mangle -D POSTROUTING -o eth0 -p udp --dport 1194 -j MARK --set-mark 0x990
ip rule add fwmark 0x990 table openvpn1
ip route add default via $P2 dev eth0 table openvpn1

eth0 is the FW's non-default external NIC.

I have in use very similar iptables rules for my email server (TCP ports) etc.
Everything works fine.
What am I doing wrong with marking/routing the UDP port?

Regards

Remus
 