Alistair Tonner wrote:
>
> I'm wondering if
> there are rules I can use (consider that the webserver/mailserver and FTP
> server are sadly on the firewall at the moment) to force the servers to reply
> via the DSL or internal lan only, even if the default route points at the
> cable link? (this would be a quick and dirty solution for me) -- the cablelink will have to shortly support a VPN tunnel back to work.
>

I was using Iproute2 like you until one day I decided to "man iptables" ....
I've found in the EXTENSIONS TARGET section:

....
   ROUTE
       This is used to explicitly override the core network stack's routing decision. mangle table.

       --oif ifname
              Route the packet through `ifname' network interface

       --iif ifname
              Change the packet's incoming interface to `ifname'

       --gw IP_address
              Route the packet via this gateway

       --continue
              Behave like a non-terminating target and continue traversing the rules. Not valid in combination with `--iif'
....

This way you can use the normal matching syntax of iptables and change the routing decision about the "interesting traffic".

I hope it works, since I have had no time yet to try it out ... let us know :)

bye
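
A sketch of the ROUTE approach from the reply above, as an added example that is not part of the original post and has not been tested against a ROUTE-enabled kernel. The interface name `ppp0`, the address `192.0.2.10`, the service list and the choice of the mangle POSTROUTING chain are assumptions; only `--oif` and the mangle table come from the quoted man page.

```shell
#!/bin/sh
# Added example: build ROUTE rules that send server replies out the DSL link.
# Assumed values, not from the thread:
DSL_IF="ppp0"                      # assumed name of the DSL interface
DSL_IP="192.0.2.10"                # constructed address (documentation range)
SERVICES="tcp:80 tcp:25 tcp:21"    # web, mail, FTP control (FTP data ports
                                   # would need their own entries)

# Print one rule per service. Matching on the DSL source address limits the
# override to connections that arrived at the DSL address, so replies to
# internal LAN clients (sourced from the LAN address) keep normal routing.
route_rules() {
    for svc in $SERVICES; do
        proto=${svc%%:*}
        port=${svc##*:}
        echo "iptables -t mangle -A POSTROUTING -s $DSL_IP -p $proto --sport $port -j ROUTE --oif $DSL_IF"
    done
}

# Dry run by default: print the rules for review.
# Run with APPLY=1 as root to install them; stops at the first failure,
# for example when the ROUTE extension is not available.
apply_rules() {
    route_rules | while read -r cmd; do
        if [ "${APPLY:-0}" = "1" ]; then
            $cmd || exit 1         # leaves the pipeline subshell with an error
        else
            echo "[dry-run] $cmd"
        fi
    done
}

apply_rules
```

Review the dry-run output and confirm with `iptables -t mangle -L POSTROUTING -n -v` that the packet counters move only for traffic sourced from the DSL address.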