From: Alexandru Dragoi <alex@zoomnet.ro>
To: Andre Kalamandeen <x_trodinary@yahoo.com>
Cc: netfilter@lists.netfilter.org
Subject: Re: Policy routing with mark not working.
Date: Thu, 11 May 2006 00:24:51 +0300 [thread overview]
Message-ID: <44625A23.30606@zoomnet.ro> (raw)
In-Reply-To: <20060510202615.51988.qmail@web53303.mail.yahoo.com>
Andre Kalamandeen wrote:
>Hey all im trying to mark packets and use the kernel
>routing table to get the packets to go where i want.
>The problem that i have with this is that even though
>the packets are being marked (I checked using
>"iptables -t mangle -vnL") it doesnt seem to be going
>through the correct route. I;ve followed this guide :
>
>http://edseek.com/archives/2006/05/01/configuring-multipath-routing-for-ports-without-balancing/
>
>but all traffic goes through the default route and not
>the marked one.
>
># ip rule gives:
>0: from all lookup local
>200: from all fwmark 0x4 lookup 201
>32766: from all lookup main
>32767: from all lookup default
>
># ip route show table 201
>default via 192.168.77.2 dev eth3
>
>the iptables command i use to mark is:
># iptables -t mangle -A PREROUTING -m string --algo bm
>--string "yahoo.com" -j MARK --set-mark 0x4
>
>i've also flushed the route cache,....any help?
>
>Thanks.
>
>__________________________________________________
>Do You Yahoo!?
>Tired of spam? Yahoo! Mail has the best spam protection around
>http://mail.yahoo.com
>
>
>
That rule maybe routes only some packets of a connection, not the entire
stream. as a tip, it is good to put some static routes in table 201, like
# ip ro add 182.168.77.0/24 dev eth3 table 201
and so on with all local networks
next prev parent reply other threads:[~2006-05-10 21:24 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-05-10 20:26 Policy routing with mark not working Andre Kalamandeen
2006-05-10 21:24 ` Alexandru Dragoi [this message]
2006-05-12 0:01 ` Frank
2006-05-12 10:54 ` Pascal Hambourg
2006-05-12 13:53 ` Andre Kalamandeen
2006-05-12 19:45 ` Pascal Hambourg
2006-05-13 0:10 ` Frank
2006-05-22 20:38 ` Andre Kalamandeen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=44625A23.30606@zoomnet.ro \
--to=alex@zoomnet.ro \
--cc=netfilter@lists.netfilter.org \
--cc=x_trodinary@yahoo.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox