From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michele <michele@protocol.it>
Date: Thu, 22 May 2003 14:33:05 +0000
Subject: [LARTC] 2 router on one server web
Message-Id: <marc-lartc-105361408702941@msgid-missing>
List-Id: <lartc.vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: quoted-printable
To: lartc@vger.kernel.org

Hi,
I read your "Linux 2.4 Advanced Routing" HOWTO, and particularly the
chapter 11 "Netfilter & iproute - marking packets".

I have two connections adsl in a server web

adsl1
      |
      |
      |
|194.243.12.15 (eth0)   SERVER WEB (eth1) 194.184.12.85 |
                                            |
                                            |
                                            |
                                           adsl2
                                           194.184.12.81

my default gateway is 194.243.12.1 and this is the reason why I can't
ping the adress  194.184.12.85 from another PC outside the LAN.


I configurated iproute e iptables in the follow way:

iptables:
#for f in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 0 > $f; done
#echo 1 > /proc/sys/net/ipv4/route/flush
#iptables -A PREROUTING -i eth1 -p -t mangle -j MARK --set-mark 1

and iproute:
#echo 201 ruteradsl2 >>/etc/iproute2/rt_tables
#ip rule add fwmark 1 table  routeradsl2
# ip rule ls
0:      from all lookup local
32765:  from all fwmark        1 lookup routeradsl2
32766:  from all lookup main
32767:  from all lookup default
# /sbin/ip route add default via 194.184.12.81 dev eth1 table routeradsl2

Unfortunately it doesn't work.
I made this test:
I put after the line "iptables -A PREROUTING -i eth1  -t mangle -j
MARK --set-mark 1" the line
iptables -t nat -A PREROUTING -j LOG \
        --log-level NOTICE --log-prefix "PRE DEBUG after MARK: "

then from an outside pc, I ping the address 194.184.12.81 (adsl2) with
success, then I ping  the address 194.184.12.85 whitout success.

In the log of iptables there are many line like these:
May 21 15:09:22 ottavio kernel: PRE DEBUG after MARK: IN=3Deth1 OUTMAC=00:c=
0:49:b4:7f:c3:00:08:27:10:a9:a9:08:00 SRC=80.207.4.98
DST=194.184.12.85 LEN=84 TOS=3D0x00 PREC=3D0x00 TTLR ID=3D0 DF PROTO=3DICMP
TYPE=3D8 CODE=3D0 ID=17453 SEQ=1280

Where do I wrong?

thanks

Michele Cerioni







_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/