Re: Dual ISPs - controlled path for certain ports - ip route 2 balancing for others

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Primero <primero@fastwebnet.it>
To: Alistair Tonner <Alistair@nerdnet.ca>
Cc: netfilter@lists.netfilter.org
Subject: Re: Dual ISPs - controlled path for certain ports - ip route 2	balancing for others
Date: Thu, 23 Sep 2004 11:33:48 +0200	[thread overview]
Message-ID: <4152987C.90100@fastwebnet.it> (raw)
In-Reply-To: <200409221315.05822.Alistair@nerdnet.ca>

[-- Attachment #1: Type: text/plain, Size: 1250 bytes --]

Alistair Tonner wrote:

>	
>	 I'm wondering if 
>	there are rules I can use (consider that the webserver/mailserver and FTP 
>	server are sadly on the firewall at the moment) to force the servers to reply
>	via the DSL or internal lan only, even if the default route points at the
>	cable link? (this would be a quick and dirty solution for me) -- the cablelink will have to shortly support a VPN tunnel back to work.
>  
>
i was using Iproute2 like u until a day i decided to "man iptables" ....

i've found in EXTENSIONS TARGET section:

....
ROUTE

       This is used to explicitly override the core network stack's 
routing decision.  mangle table.

       --oif ifname
              Route the packet through `ifname' network interface

       --iif ifname
              Change the packet's incoming interface to `ifname'

       --gw IP_address
              Route the packet via this gateway

       --continue
              Behave like a non-terminating target and continue 
traversing the rules.  Not valid in combination with `--iif'
....

this way u can use a normal matching syntax of iptables and change the 
routing decision about the "interesting traffic".
I hope it works since i had no time yet to try it out ... let us know :)

bye

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 256 bytes --]

next prev parent reply	other threads:[~2004-09-23  9:33 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-09-22 17:15 Dual ISPs - controlled path for certain ports - ip route 2 balancing for others Alistair Tonner
2004-09-23  9:33 ` Primero [this message]
2004-09-23 13:18   ` Alistair Tonner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4152987C.90100@fastwebnet.it \
    --to=primero@fastwebnet.it \
    --cc=Alistair@nerdnet.ca \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.