[LARTC] partly correct routing

All of lore.kernel.org
 help / color / mirror / Atom feed

* [LARTC] partly correct routing
@ 2000-12-04 17:17 Stefan
  2000-12-04 19:05 ` Wingtung.Leung
  0 siblings, 1 reply; 2+ messages in thread
From: Stefan @ 2000-12-04 17:17 UTC (permalink / raw)
  To: lartc

<PRE>Hello!
I want to use my isdn (ippp0) connection for ftp transfer and my adsl 
(eth0/ppp0) connection for all other transfer from my LAN (eth1) connected to 
the router.
I managed to set up iproute2 with fwmarks to send out packet to ippp0, but 
the data connection is done by adsl.
What do I have to set up to get this working correctly?
my iptables setup:
$IPTABLES -A PREROUTING -t mangle -p TCP -d ! $LOCALNET --dport 21 -j MARK 
--set-mark 1
$IPTABLES -A PREROUTING -t mangle -p UDP -d ! $LOCALNET --dport 21 -j MARK 
--set-mark 1
$IPTABLES -A PREROUTING -t mangle -p TCP -d ! $LOCALNET --dport 20 -j MARK 
--set-mark 1
$IPTABLES -A PREROUTING -t mangle -p UDP -d ! $LOCALNET --dport 20 -j MARK 
--set-mark 1

routing in table ippp0:
ip route list table ippp0
195.3.65.72 dev ippp0  proto kernel  scope link  src 212.183.78.79 
default via 195.3.65.72 dev ippp0

other routing:
ip route list            
212.88.181.5 dev ppp0  proto kernel  scope link  src 212.88.xxx.xxx 
195.3.65.0/24 dev ippp0  proto kernel  scope link  src 212.183.78.79 
10.0.0.0/24 dev eth0  proto kernel  scope link  src 10.0.0.2 
192.168.2.0/24 dev eth1  proto kernel  scope link  src 192.168.2.1 
127.0.0.0/8 dev lo  scope link 
default via 212.88.181.5 dev ppp0


ip rule list
0:      from all lookup local 
32765:  from all fwmark        1 lookup ippp0 
32766:  from all lookup main 
32767:  from all lookup default
-- 
thanx
Stefan
Email: <A HREF="mailto:stefan.bayer@gmx.net">stefan.bayer@gmx.net</A>
----------------------------------------------------
My Box said: &quot;Install Win95 or better ...&quot; So I installed Linux.

Microsoft gives you Windows
Linux gives you the whole house
	


</PRE>

^ permalink raw reply	[flat|nested] 2+ messages in thread

* [LARTC] partly correct routing
  2000-12-04 17:17 [LARTC] partly correct routing Stefan
@ 2000-12-04 19:05 ` Wingtung.Leung
  0 siblings, 0 replies; 2+ messages in thread
From: Wingtung.Leung @ 2000-12-04 19:05 UTC (permalink / raw)
  To: lartc

<PRE>I think you misunderstand the FTP protocol. The FTP commands are sent to
the server's port 21 and the data is sent FROM the server port 20 to a
local unprivileged port (&gt;1024).

I think you should set your mark dependant on source port instead of
destination port.

Another way: use passive FTP, where the client initiates the connection to
a unprivileged server port.

(I know I don't give all the answers here, but hope it's a good start for
you.

On Mon, 4 Dec 2000, Stefan Bayer wrote:

&gt;<i> Hello!
</I>&gt;<i> I want to use my isdn (ippp0) connection for ftp transfer and my adsl
</I>&gt;<i> (eth0/ppp0) connection for all other transfer from my LAN (eth1) connected to
</I>&gt;<i> the router.
</I>&gt;<i> I managed to set up iproute2 with fwmarks to send out packet to ippp0, but
</I>&gt;<i> the data connection is done by adsl.
</I>&gt;<i> What do I have to set up to get this working correctly?
</I>&gt;<i> my iptables setup:
</I>&gt;<i> $IPTABLES -A PREROUTING -t mangle -p TCP -d ! $LOCALNET --dport 21 -j MARK
</I>&gt;<i> --set-mark 1
</I>&gt;<i> $IPTABLES -A PREROUTING -t mangle -p UDP -d ! $LOCALNET --dport 21 -j MARK
</I>&gt;<i> --set-mark 1
</I>&gt;<i> $IPTABLES -A PREROUTING -t mangle -p TCP -d ! $LOCALNET --dport 20 -j MARK
</I>&gt;<i> --set-mark 1
</I>&gt;<i> $IPTABLES -A PREROUTING -t mangle -p UDP -d ! $LOCALNET --dport 20 -j MARK
</I>&gt;<i> --set-mark 1
</I>&gt;<i>
</I>&gt;<i> routing in table ippp0:
</I>&gt;<i> ip route list table ippp0
</I>&gt;<i> 195.3.65.72 dev ippp0  proto kernel  scope link  src 212.183.78.79
</I>&gt;<i> default via 195.3.65.72 dev ippp0
</I>&gt;<i>
</I>&gt;<i> other routing:
</I>&gt;<i> ip route list
</I>&gt;<i> 212.88.181.5 dev ppp0  proto kernel  scope link  src 212.88.xxx.xxx
</I>&gt;<i> 195.3.65.0/24 dev ippp0  proto kernel  scope link  src 212.183.78.79
</I>&gt;<i> 10.0.0.0/24 dev eth0  proto kernel  scope link  src 10.0.0.2
</I>&gt;<i> 192.168.2.0/24 dev eth1  proto kernel  scope link  src 192.168.2.1
</I>&gt;<i> 127.0.0.0/8 dev lo  scope link
</I>&gt;<i> default via 212.88.181.5 dev ppp0
</I>&gt;<i>
</I>&gt;<i>
</I>&gt;<i> ip rule list
</I>&gt;<i> 0:      from all lookup local
</I>&gt;<i> 32765:  from all fwmark        1 lookup ippp0
</I>&gt;<i> 32766:  from all lookup main
</I>&gt;<i> 32767:  from all lookup default
</I>


</PRE>

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2000-12-04 19:05 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2000-12-04 17:17 [LARTC] partly correct routing Stefan
2000-12-04 19:05 ` Wingtung.Leung

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.