* ipt ROUTE
@ 2009-11-04 12:15 aidan mcgurn
2009-11-04 13:56 ` Mart Frauenlob
0 siblings, 1 reply; 2+ messages in thread
From: aidan mcgurn @ 2009-11-04 12:15 UTC (permalink / raw)
To: netfilter
Hi,
(apologies in advance - don't seem to have the option to reply within the same thread so re-sending this)
thanks for the response.
I had looked through the archives and did again but i'm fairly new to netfilters iptables and i can't see
any other way of routing using dst:port via different gateways besides using the ipt ROUTE lib.
That been the case, can u please directme on how to build the ipt_ROUTE kernel object for this or is it a patch thats required?
As i said i downloaded 1.3.5 iptables code from netfilter and did a make but it only builds the shared objects, no kernel objects which
i presume i need to install a ipt_ROUTE.ko to get the -j ROUTE option to work?
alternatively is there any iptables package which includes this?
thanks for any help here,
/aidan
========
Search the
archives:
--
Eray
============
>>>Hi,
I want to use the libipt_ROUTE facility which is currently not available in my linux \
iptables install.
I did download the “iptables_1.3.5/
iptables-1.3.5.tar.bz2†source code and build \
the .so (despite the ipt_ROUTE.h missing from here).
However i’m wondering if u know how i get this to work on my system.
e.g. i presume i need to build this as a kernel object and insmod it? How do i buid \
this from the source i got from 1.3.5?
Ideally i need this facility to route packets via different gateways based on port \
number unless theres anther way to do besides ipt_ROUTE.
Thanks,
/aidan
^ permalink raw reply [flat|nested] 2+ messages in thread* Re: ipt ROUTE
2009-11-04 12:15 ipt ROUTE aidan mcgurn
@ 2009-11-04 13:56 ` Mart Frauenlob
0 siblings, 0 replies; 2+ messages in thread
From: Mart Frauenlob @ 2009-11-04 13:56 UTC (permalink / raw)
To: netfilter
aidan mcgurn wrote:
> Hi,
> (apologies in advance - don't seem to have the option to reply within the same thread so re-sending this)
> thanks for the response.
> I had looked through the archives and did again but i'm fairly new to netfilters iptables and i can't see
> any other way of routing using dst:port via different gateways besides using the ipt ROUTE lib.
>
> That been the case, can u please directme on how to build the ipt_ROUTE kernel object for this or is it a patch thats required?
> As i said i downloaded 1.3.5 iptables code from netfilter and did a make but it only builds the shared objects, no kernel objects which
> i presume i need to install a ipt_ROUTE.ko to get the -j ROUTE option to work?
> alternatively is there any iptables package which includes this?
>
>
Hello,
ipt_ROUTE has been removed, some functionality moved to the TEE target
from xtables-addons (but that's not what you need).
The way to do it, is to use the MARK target to set marks (--set-mark
0xX), like i.e:
iptables -t mangle -A PREROUTING -i eth1 -p tcp --dport 22 -j MARK
--set-mark 0x1
Then use the iproute utility to add routing tables/rules per gateway i.e.
echo X GW1 >> /etc/iproute2/rt_tables
...
ip route add table X <whatever-route>
....
ip rule add from all fwmark 0x1 table X
...
It should not be hard to find valuable examples on the internet. i.e:
http://linux-ip.net/html/adv-multi-internet.html
http://lartc.org/howto/lartc.rpdb.html
Regards
Mart
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2009-11-04 13:56 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-11-04 12:15 ipt ROUTE aidan mcgurn
2009-11-04 13:56 ` Mart Frauenlob
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.