* [LARTC] marking in OUTPUT --mangle; locally generated packets and route
From: lartc @ 2003-07-09 11:38 UTC
To: lartc

hello all,

i have come across a curious issue:

+----------------------+            +---------------+
| eth1   192.168.1.1   |------------| 192.168.1.250 |
| eth1:1 192.168.1.101 |            |               |
+----------------------+            +---------------+

iptables --append OUTPUT --table mangle --jump MARK --set-mark 0x2
ip rule add fwmark 0x2 table 2
ip route add 192.168.1.0/24 dev eth1 src 192.168.1.101 table 2
ip route flush cache

telnet 192.168.1.250 ; and tcpdump gives src ip address as 192.168.1.1

ip rule add to 192.168.1.250 table 2
ip route flush cache

telnet 192.168.1.250 ; and tcpdump gives src ip address as 192.168.1.101

are there issues concerning the marking of OUTPUT packets generated on
the local box that i should be aware of?

many, many thanks

charles

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

* Re: [LARTC] marking in OUTPUT --mangle; locally generated packets
From: Patrick McHardy @ 2003-07-13 21:43 UTC
To: lartc

I tested your setup and it works fine (with 2.5 though). Are you sure
you have CONFIG_IP_ROUTE_FWMARK enabled for your running kernel?
ip rule won't give errors if not ..

Bye
Patrick

lartc@manchotnetworks.net wrote:

>hello all,
>
>i have come across a curious issue:
>
>+----------------------+            +---------------+
>| eth1   192.168.1.1   |------------| 192.168.1.250 |
>| eth1:1 192.168.1.101 |            |               |
>+----------------------+            +---------------+
>
>iptables --append OUTPUT --table mangle --jump MARK --set-mark 0x2
>ip rule add fwmark 0x2 table 2
>ip route add 192.168.1.0/24 dev eth1 src 192.168.1.101 table 2
>ip route flush cache
>
>telnet 192.168.1.250 ; and tcpdump gives src ip address as 192.168.1.1
>
>ip rule add to 192.168.1.250 table 2
>ip route flush cache
>
>telnet 192.168.1.250 ; and tcpdump gives src ip address as 192.168.1.101
>
>are there issues concerning the marking of OUTPUT packets generated on
>the local box that i should be aware of?
>
>many, many thanks
>
>charles

* Re: [LARTC] marking in OUTPUT --mangle; locally generated packets
From: lartc @ 2003-07-15 7:59 UTC
To: lartc

Hi Patrick,

Sincere thanks for your time & help!

> i assume you mean CONFIG_IP_ROUTE_FWMARK and not
> CONFIG_IP_NF_TARGET_MARK.

Yup -- sorry!

> i would start with putting some printks in ipt_local_hook
> (net/ipv4/netfilter/iptable_mangle.c) before the call to ip_route_me_harder
> and in ip_route_me_harder (net/core/netfilter.c) itself.

Trying this today ...

Kindest Regards

Charles Shick
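
The kernel-config check raised in the thread above, as an added example that is not part of the original messages: because `ip rule add fwmark` is accepted even when the kernel cannot route on the mark, this sketch reads a kernel config and reports the two options the messages name. The function names and the sample configs are hypothetical and constructed for illustration, and it assumes a kernel whose config carries these options.

```shell
#!/bin/sh
# Added example, not from the thread. Option names are the ones in the messages;
# function names and sample configs are hypothetical, constructed for illustration.

# kconfig_state OPTION   (kernel config text on stdin)
# Prints builtin, module, disabled or absent.
kconfig_state() {
    awk -v opt="$1" '
        $0 == (opt "=y")                { state = "builtin" }
        $0 == (opt "=m")                { state = "module" }
        $0 == ("# " opt " is not set")  { state = "disabled" }
        END { print (state == "" ? "absent" : state) }
    '
}

# fwmark_routing_check   (kernel config text on stdin)
# Prints one status line; returns 0 only if the MARK target is available and
# the routing code is built to use the mark as a key.
fwmark_routing_check() {
    cfg=$(cat)
    route=$(printf '%s\n' "$cfg" | kconfig_state CONFIG_IP_ROUTE_FWMARK)
    mark=$(printf '%s\n' "$cfg" | kconfig_state CONFIG_IP_NF_TARGET_MARK)
    echo "CONFIG_IP_ROUTE_FWMARK=$route CONFIG_IP_NF_TARGET_MARK=$mark"
    # Assumption: CONFIG_IP_ROUTE_FWMARK is boolean, so only =y enables it.
    [ "$route" = builtin ] || return 1
    case "$mark" in builtin|module) return 0 ;; *) return 1 ;; esac
}

# Constructed sample: marking works, but fwmark rules would never match.
sample_without_fwmark() {
    cat <<'EOF'
CONFIG_IP_MULTIPLE_TABLES=y
# CONFIG_IP_ROUTE_FWMARK is not set
CONFIG_IP_NF_TARGET_MARK=m
EOF
}

# Constructed sample: both halves present.
sample_with_fwmark() {
    cat <<'EOF'
CONFIG_IP_MULTIPLE_TABLES=y
CONFIG_IP_ROUTE_FWMARK=y
CONFIG_IP_NF_TARGET_MARK=m
EOF
}

sample_without_fwmark | fwmark_routing_check || echo "fwmark rules will not match"
sample_with_fwmark | fwmark_routing_check && echo "fwmark routing available"
```

On a live system, feed it the running kernel's config on stdin, for example `zcat /proc/config.gz | fwmark_routing_check` where the kernel exposes one.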