On Mon, Oct 07, 2002 at 06:21:52PM -0400, Stephane Ouellette wrote: > >>Suppose I want to do some policy routing using the fwmark as a routing > >>key. I should have entered the following commands: > >> > >>iptables -t mangle -A OUTPUT -o eth0 -p icmp --icmp-type \ > >>-d $TESTMACHINE1 -j MARK --set-mark 1 > >>iptables -t mangle -A OUTPUT -o eth1 -p icmp --icmp-type \ > >>-d $TESTMACHINE2 -j MARK --set-mark 2 > > > > > >I'd remove the '-o' option as you don't know yet where the packets > >would be routed to. > > > >Ramin > >PS. You forgot the --icmp-type argument. Did your linux box take > >these commands? > > > > Ramin, > > I mistyped the commands I entered. In fact, you should read: That's what I figured :-) But anyway, did you try these rules without the '-o' options? Another point is that if I remember correctly, either mangle or nat used to have problems with the OUTPUT chain in the past. Ramin > > iptables -t mangle -A OUTPUT -p icmp --icmp-type echo-request \ > -d $TESTMACHINE1 -j MARK --set-mark 1 > iptables -t mangle -A OUTPUT -p icmp --icmp-type echo-request \ > -d $TESTMACHINE2 -j MARK --set-mark 2 > > Stephane _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
