All of lore.kernel.org
 help / color / mirror / Atom feed
From: Damion de Soto <damion@snapgear.com>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] routing oddity, help?
Date: Sun, 24 Aug 2003 23:55:01 +0000	[thread overview]
Message-ID: <marc-lartc-106176942019006@msgid-missing> (raw)
In-Reply-To: <marc-lartc-106156216120711@msgid-missing>

Philip Champon wrote:
> 
> Machine B
> iptables -A PREROUTING -t mangle -j MARK -p tcp --dport 443 --set-mark 0x1
> ip rule add prio 100 fwmark 1 table 100
> ip route add local 0/0 dev lo table 100
> 
> Issuing these commands on machine A, packets move as I expect them to. However,
> on machine B, using tcpdump I see packets come in on port 443, but I never see
> machine B respond or send an ICMP error.

I never tried anything like this before, and don't really understand what you're 
doing, but taking a guess:
aren't you directing the incoming port 443 packets to the loopback device routing table ?
so then they're never going to do anything useful, unless your application is 
specificaly listening on 127.0.0.1 ?


-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Damion de Soto - Software Engineer  email:     damion@snapgear.com
SnapGear ---                           ph:         +61 7 3435 2809
  | Custom Embedded Solutions          fax:         +61 7 3891 3630
  | and Security Appliances            web: http://www.snapgear.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

      reply	other threads:[~2003-08-24 23:55 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-08-22 14:19 [LARTC] routing oddity, help? Philip Champon
2003-08-24 23:55 ` Damion de Soto [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=marc-lartc-106176942019006@msgid-missing \
    --to=damion@snapgear.com \
    --cc=lartc@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.