From mboxrd@z Thu Jan 1 00:00:00 1970
From: Thilo Schulz
Date: Wed, 24 Apr 2002 11:42:18 +0000
Subject: Re: [LARTC] Fwmark problem - policy routing does not work.
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

> > So it might be, that the marks are not being set, I checked that too, I
> > replaced the
> > iptables -t mangle -A OUTPUT -m owner --uid-owner 1001 -j MARK
> > --set-mark 1 with
> > iptables -t mangle -A OUTPUT -p tcp --dport 22 -j MARK --set-mark 1
> > - still no success. So I tried placing this rule into the PREROUTING
> > chain (for testing though, INPUT should be absolutely correct), and - oh
> > wonder - no success either ;)
>
> If you do "iptables -L -v -n -t mangle", do the counters increment ?
>
> Stef

Yes, they do. I am also sure now that marking is working:
I have tried the same on another host that uses a gateway to access the
internet, but has several IPs on the net. If I do not enter the route (via
option) the packets are not reaching their destination, if I am creating
those as a given user, as all other users it does work.
If I give the via option in the "ip route add table thilo src ....." command,
the packets are reaching their destination again - yet even though I have
given the source IP that should have been used, it is still using the
primary one.
Could this be a bug in the routing code?

- Thilo Schulz
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/