I believe you can use the "helper" module: http://www.iptables.org/documentation/pomlist/pom-submitted.html#helper and mark the related packets like so: iptables -t mangle -A PREROUTING -m helper --helper ftp -j MARK --set-mark 2 This is just an idea and I have not tested this solution personally. Ramin On Thu, Nov 21, 2002 at 03:07:54PM +0000, Nuno Miguel Pais Fernandes wrote: > I have a router with 2 isp's connected. > > My default route is by isp1, and i mark packets to port 80 and port 21 > with mark 2. > > with: ip rule ls > > 0: from all lookup local > 32765: from all fwmark 2 lookup 200 > 32766: from all lookup main > 32767: from all lookup 253 > > and in table 200 i have the route by isp2. > > My http traffic goes well, but ftp doesn't. > Using Passive mode all works well, but with active it doest work, > because the ftp server callsback with port 20. > Please note that isp2 is masqueraded and i have ip_conntrack_ftp in the > kernel. > > Thanks for any advice. > > Nuno Fernandes > > > -- > Nuno Miguel Pais Fernandes <npf@eurotux.com> > Eurotux S.A. _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
