i all,
an extract of my rule tables...
40: from all to 203.x.x.64/25 lookup TABLEa
40: from all fwmark 40 lookup TABLEa
50: from 203.x.x.0/24 lookup TABLEb
iptables mangles are as follows..
root@ICG:root# iptables -nvL -t mangle
Chain PREROUTING (policy ACCEPT 7995K packets, 2646M bytes)
pkts bytes target prot opt in out source destination
85 6908 MARK all -- * * 0.0.0.0/0 203.x.x.64/25
MARK set 0x40
Chain INPUT (policy ACCEPT 526K packets, 252M bytes)
pkts bytes target prot opt in out source destination
0 0 MARK all -- * * 203.x.x.64/29 0.0.0.0/0
MARK set 0x40
im not able to find the problem for why i cant trace or ping to
203.x.x.64/25 network and vice-versa.
i want to add that all forwading rule are there.. it was working when i
didnt used _fwmark_ ..want to use fwmark for policy routing...
one last but not least things to ask is --> _marking_ based policy
routing a good solution that one without _marking_ ???
thanking in advance...
A.H
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
