Re: [LARTC] Masquerading under 2.4

Linux Advanced Routing and Traffic Control

Okay, here is what I got so far.  Does this look right?


#First turn on NAT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

#Now forward www packets to the web server.
iptables -A PREROUTING -t nat --dport 80 -j DNAT --to 10.1.1.1:80

#Mark all packets for mygame for later routing
iptables -A FORWARD -t nat --dport 27015 -j MARK --set-mark 0xf01

#Mark all packets going to myisp2.com to jump to custom table
#Since the default route is myisp1 I don't have to worry about those.
iptables -A FORWARD -t nat -d myisp2.com -j MARK --set-mark 0xf01

#Setup custom table
echo 200 John >> /etc/iproute2/rt_tables

#Force all traffic from 10.0.0.10 to jump to custom table
ip rule add from 10.0.0.10 table John

#Force all marked packets to jump to custom table
ip rule add fwmark 0xf01 table John

#Force all packets that make it to this table to go out on the 2nd interface
ip route add default via 195.96.98.253 dev eth1 table John

#Flush the cache when finished
ip route flush cache


On 12 Jan 2001, at 10:51, Arthur van Leeuwen wrote:

> On Thu, 11 Jan 2001 wyonker@xxxxxxxxxx wrote:
> 
> > Here is the final piece to my puzzle.  I'll buy someone a beer if
> > they can help me with this.
> > 
> > I have two connections to the internet.  I would like all traffic on
> > port 27015 to go out on the 2nd connection (which is eth1 on the
> > router) and all traffic from one client also.  Oh and I would like
> > to force all traffic going to specific hosts (myisp.com and
> > myisp2.com) to go over their respective interfaces because they
> > block traffic from anywhere else.
> 
> > Now, to do the part with the client I can just do the following
> > right?
> > 
> > echo 200 John >> /etc/iproute2/rt_tables
> > ip rule add from 10.0.0.10 table John
> > ip route add default via 195.96.98.253 dev ppp2 table John
> > ip route flush cache
> > 
> > I copied that from the advanced routing Howto.
> 
> Right so far.
> 
> > So can I just add the port to the 'ip rule add' line? Like this?
> > 
> > ip rule add from 10.1.1.10:27015 table John
> 
> Nope. You'll have to mark the packets with ipchains (or, in your case
> iptables) first (the -m option for ipchains, --mark for iptables).
> Then you add a rule matching on that fwmark (ip rule add fwmark 0xf00
> table John). Note that you have to specify the marks in hexadecimal,
> or else it won't work.
> 
> > As always, any help would be appreciated.
> 
> I'll leave figuring out the ISP-specific routing to your creativity...
> can't really spoil all your fun, now can I? :)
> 
> Doei, Arthur.
> 
> -- 
>   /\    / |      arthurvl@xxxxxxxxxx      | Work like you don't need the money
>  /__\  /  | A friend is someone with whom | Love like you have never been hurt
> /    \/__ | you can dare to be yourself   | Dance like there's nobody watching
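
The mark-then-route sequence Arthur describes, written out as an added example that is not part of the original thread: MARK is a mangle-table target and has to be set in PREROUTING so the mark exists before the routing decision, and `--dport` only parses after a `-p` match. Addresses, interfaces, the mark and the table name are the thread's; the UDP default for port 27015, the `-i eth0` restriction on the DNAT rule, the second MASQUERADE rule and the `DRY_RUN` wrapper are assumptions of this example.

```shell
#!/bin/sh
# Added example. DRY_RUN=1 (default) prints each command instead of running it.
DRY_RUN=${DRY_RUN:-1}
MARK=0xf01                     # hexadecimal mark, value from the thread
TABLE=John                     # routing table name from the thread
GW2=195.96.98.253              # gateway on the second uplink, from the thread
IF1=eth0; IF2=eth1             # first and second uplink, as in the thread
GAME_PROTO=${GAME_PROTO:-udp}  # assumption: the thread never names the protocol

run() { if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi; }

# Append "200 John" to the rt_tables file given as $1, once only.
ensure_table() {
    grep -qE "^200[[:space:]]+$TABLE\$" "$1" 2>/dev/null || echo "200 $TABLE" >> "$1"
}

# MARK is a mangle-table target. Setting it in PREROUTING means the mark
# exists before the routing decision, so "ip rule ... fwmark" can match it.
mark_rules() {
    run iptables -t mangle -A PREROUTING -p "$GAME_PROTO" --dport 27015 \
        -j MARK --set-mark "$MARK"
    run iptables -t mangle -A PREROUTING -d myisp2.com -j MARK --set-mark "$MARK"
}

policy_routes() {
    run ip rule add from 10.0.0.10 table "$TABLE"
    run ip rule add fwmark "$MARK" table "$TABLE"
    run ip route add default via "$GW2" dev "$IF2" table "$TABLE"
    run ip route flush cache
}

nat_rules() {
    # Masquerade on both uplinks: policy-routed traffic leaves through eth1.
    run iptables -t nat -A POSTROUTING -o "$IF1" -j MASQUERADE
    run iptables -t nat -A POSTROUTING -o "$IF2" -j MASQUERADE
    # --dport needs a -p match. Assumption: inbound web traffic arrives on
    # eth0; without -i, LAN clients' own port-80 traffic is redirected too.
    run iptables -t nat -A PREROUTING -i "$IF1" -p tcp --dport 80 \
        -j DNAT --to-destination 10.1.1.1:80
}

all_rules() {
    [ "$DRY_RUN" = 1 ] || ensure_table /etc/iproute2/rt_tables
    mark_rules; policy_routes; nat_rules
}

all_rules
```

iptables resolves `myisp2.com` once, when the rule is inserted, so the rule has to be reloaded if the ISP's addresses change. Review the printed commands, then rerun as root with `DRY_RUN=0` to apply them.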




