Hello Nuno, I'd suggest s/POSTROUTING/PREROUTING/ here: : iptables -t mangle -A POSTROUTING -d SOME.IP.IN.INTERNET -j MARK : --set-mark 21 : : In my ROUTER i want to redirect packets according to MARK and i'm doing: : : root@euroter(~)# more /etc/iproute2/rt_tables : 255 local : 254 main : 253 default : 200 over Consult Stef Coene's kernel packet traveling diagram, which should explain (visually) why you want to mark the packet before the routing stage. http://www.docum.org/stef.coene/qos/kptd/ : root@euroter(~)# ip route ls table over : default via XXX.XXX.XXX.XXX dev eth1 : : where XXX.XXX.XXX.XXX is the gateway of the provider 1. : : Doing ip rule ls, i can see that all packets with mark 21 go to table : over. : root@euroter(~)# ip rule ls : 0: from all lookup local : 32765: from all fwmark 21 lookup over : 32766: from all lookup main : 32767: from all lookup default Naturally, the RPDB (displayed with "ip rule show") is consulted as part of the routing process. So, in short, your host euroter is doing as follows: - routing the packet - marking the packet - transmitting via provider2 : And table over only has default gw, but when i do a : ping XXX.XXX.XXX.XXX it goes throw proveider2 and not provider1. Good luck, -Martin -- Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
