I have the next network:
Users LAN Servers LAN
(10.0.0.0/24 (mail and web [200.30.57.32/24]
web surf main activity) homologated ip's)
| |
| |
| |
| |
|________________________________|
|
eth1:1 10.0.0.138 | eth1 200.30.57.33
|
{Linux Firewall. kernel 2.4.18}
|
eth2 | eth0 200.30.53.22/30
192.168.1.2/30|
|
_______________/ \______________
| |
| |
{adsl router} {Cisco router} 200.30.53.21/30
|192.168.1.1 |
|(phone line) |(DS0)
| |
| |
{ -------- Internet ------- }
A network with two links to internet: a DS0 and an adsl.
I want that servers with homologated ip's go via the DS0, and end users,
with 10.0.0.0 addresses go via adsl. Both links through the same
firewall.
Also, end users must have Nat, and servers dont. For this i use:
iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth2 -j MASQUERADE
The default gateway in the firewall is the cisco router, my question is:
How can I make to force packets from 10.0.0.0 go via eth2(192.168.1.2) ?
I imagine something like:
ip route add 192.168.1.1/30 via 192.168.1.2 table 1
ip rule add from 10.0.0.0/24 table 1
But doesn't work. What'd be the correct way to do it?
Omar
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
