From: "Daniel Ahlberg"
Date: Fri, 19 Apr 2002 14:11:03 +0000
Subject: Re: [LARTC] Routing based on source port - Solution ?
To: lartc@vger.kernel.org

> I have the same problem and tried all possibilities I know.
>
> "ip rule" in fact doesn't route based on port because
> IP protocol doesn't know about ports. BUT u can solve the problem
> by using iptables/ipchains with help of MARKs - as u said.
>
> Unfortunately netfilter can only set MARKs in the moment the
> packets traverse the INPUT Queue (of corresponding interface).
>
> -->
> netfilter is not able to set mark for _locally_ created packets,
> because the INPUT Queue of netfilter is not passed.
>
> => In fact the MARK mechanism can only be used for incoming packets.
>
> In my scenario I would like to do port based routing on local sockets
> I cannot use the MARK feature at all. :(
>
>
> I don't know of any other method to solve the problem.
> Any other solutions ??

I too have encountered problems with the marking of packets. When I mark
packets destined to port 80 using iptables and dump the traffic using
tcpdump, I can see the packet coming into the local interface (eth0) and
leaving the external interface (eth1), getting a reply from the website
I'm trying to visit on eth1, but the reply isn't sent to my computer on the
local interface.

I am however using old versions of iptables (1.2.2) and iproute (20001007)
and I have yet to try out a newer version of both iproute and iptables.
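
The setup discussed in this message (mark forwarded port-80 traffic with iptables, then select a routing table by that mark) written out as an added example; it is not part of the original message. The interface names come from the message, while the mark value, table number and gateway address are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Interface names follow the message
# (eth0 = local, eth1 = external); MARK, TABLE and GATEWAY are assumed values.
LAN_IF=${LAN_IF:-eth0}
WAN_IF=${WAN_IF:-eth1}
MARK=${MARK:-1}
TABLE=${TABLE:-100}
GATEWAY=${GATEWAY:-192.0.2.1}   # placeholder address (documentation range)

# Commands that mark forwarded port-80 traffic and route it by that mark.
setup_cmds() {
    cat <<EOF
iptables -t mangle -A PREROUTING -i $LAN_IF -p tcp --dport 80 -j MARK --set-mark $MARK
ip rule add fwmark $MARK table $TABLE
ip route add default via $GATEWAY dev $WAN_IF table $TABLE
ip route flush cache
EOF
}

# Commands that show, stage by stage, whether the setup took effect:
# mangle rule packet counters, the fwmark rule, the table contents,
# and the traffic actually seen on each interface.
check_cmds() {
    cat <<EOF
iptables -t mangle -L PREROUTING -v -n
ip rule show
ip route show table $TABLE
tcpdump -n -i $LAN_IF tcp port 80
tcpdump -n -i $WAN_IF tcp port 80
EOF
}

# Default: print both lists for review. APPLY=1 (as root) runs the setup.
if [ "${APPLY:-0}" = "1" ]; then
    setup_cmds | sh -e
else
    echo "# setup"; setup_cmds
    echo "# checks"; check_cmds
fi
```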