> I have the same problem and tried all possibilities I know.
>
> "ip rule" in fact doesn't route based on port because
> the IP protocol doesn't know about ports. BUT you can solve the problem
> by using iptables/ipchains with the help of MARKs, as you said.
>
> Unfortunately netfilter can only set MARKs at the moment the
> packets traverse the INPUT queue (of the corresponding interface).
>
> -->
> netfilter is not able to set a mark for _locally_ created packets,
> because the INPUT queue of netfilter is not passed.
>
> => In fact the MARK mechanism can only be used for incoming packets.
>
> In my scenario I would like to do port based routing on local sockets;
> I cannot use the MARK feature at all. :(
>
> I don't know of any other method to solve the problem.
> Any other solutions??

I too have encountered problems with the marking of packets. When I mark packets destined to port 80 using iptables and dump the traffic using tcpdump, I can see the packet coming in on the local interface (eth0) and leaving the external interface (eth1), and getting a reply from the website I'm trying to visit on eth1, but the reply isn't sent to my computer on the local interface.

I am, however, using old versions of iptables (1.2.2) and iproute (20001007) and have yet to try out newer versions of both iproute and iptables.
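For reference, here is the standard fwmark recipe the thread is circling around, written up as an added example (it is not code from either poster). It marks TCP/80 in the mangle table's PREROUTING chain for forwarded traffic and in its OUTPUT chain for packets generated on the box itself (the mangle OUTPUT chain is where netfilter sees locally created packets, on 2.4-era kernels as well), then sends marked packets through a separate routing table. The interface names, the gateway 192.0.2.1, table number 100 and mark value 1 are assumptions for illustration; adjust them to the real topology.

```shell
#!/bin/sh
# Added example, not from the original post: port-based policy routing via
# iptables MARK + "ip rule fwmark". Values below are illustrative assumptions.
# DRY_RUN=1 prints the commands instead of executing them; APPLY=1 runs them
# (requires root, iptables and iproute2).

PORT="${PORT:-80}"             # destination port to steer
MARK="${MARK:-1}"              # fwmark value used for matching in ip rule
TABLE="${TABLE:-100}"          # alternate routing table number (assumed free)
OUT_IF="${OUT_IF:-eth1}"       # assumed external interface
GATEWAY="${GATEWAY:-192.0.2.1}" # assumed upstream gateway reachable via eth1

# Execute the command, or just echo it when DRY_RUN is set.
run() {
    if [ -n "${DRY_RUN:-}" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

fwmark_rules() {
    # 1. Mark forwarded packets (arriving from the LAN) in mangle PREROUTING.
    run iptables -t mangle -A PREROUTING -p tcp --dport "$PORT" -j MARK --set-mark "$MARK"
    # 2. Mark locally generated packets in mangle OUTPUT; PREROUTING never
    #    sees sockets opened on this host, OUTPUT does.
    run iptables -t mangle -A OUTPUT -p tcp --dport "$PORT" -j MARK --set-mark "$MARK"
    # 3. Policy rule: packets carrying the mark consult the alternate table.
    run ip rule add fwmark "$MARK" table "$TABLE"
    # 4. Alternate table: default route out of the external interface.
    run ip route add default via "$GATEWAY" dev "$OUT_IF" table "$TABLE"
    # 5. Old kernels keep a routing cache; flush it so the new rule takes
    #    effect for existing destinations (harmless no-op on new kernels).
    run ip route flush cache
}

# Number of commands the recipe emits; handy for checking a dry run.
count_rules() {
    DRY_RUN=1
    fwmark_rules | wc -l | tr -d ' '
}

# Entry point: preview with DRY_RUN=1, apply with APPLY=1 (as root).
if [ -n "${DRY_RUN:-}" ] || [ -n "${APPLY:-}" ]; then
    fwmark_rules
fi
```

Two checks worth doing before blaming the marking itself: `iptables -t mangle -L -v` shows whether the MARK rules' packet counters actually increment for the traffic in question, and `ip rule show` / `ip route show table 100` confirm the rule and table exist. Note that only the outgoing packets are marked; replies arriving on eth1 are routed by the main table, so if the main table or strict `rp_filter` disagrees with the asymmetric path they will not come back the way you expect.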