Hi, I read your "Linux 2.4 Advanced Routing" HOWTO, and particularly chapter 11, "Netfilter & iproute - marking packets".
I have two ADSL connections on a web server:
      adsl1
        |
        |
        |
        |
194.243.12.15 (eth0) SERVER WEB (eth1) 194.184.12.85
                                         |
                                         |
                                         |
                                         |
                                       adsl2 194.184.12.81
My default gateway is 194.243.12.1 and this is the reason why I can't ping the address 194.184.12.85 from another PC outside the LAN.
I configured iproute and iptables in the following way:
iptables:
#for f in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 0 > $f; done
#echo 1 > /proc/sys/net/ipv4/route/flush
#iptables -A PREROUTING -i eth1 -p -t mangle -j MARK --set-mark 1
and iproute:
#echo 201 ruteradsl2 >>/etc/iproute2/rt_tables
#ip rule add fwmark 1 table routeradsl2
# ip rule ls
0: from all lookup local
32765: from all fwmark 1 lookup routeradsl2
32766: from all lookup main
32767: from all lookup default
# /sbin/ip route add default via 194.184.12.81 dev eth1 table routeradsl2
Unfortunately it doesn't work. I made this test: after the line "iptables -A PREROUTING -i eth1 -t mangle -j MARK --set-mark 1" I put the line
iptables -t nat -A PREROUTING -j LOG \
    --log-level NOTICE --log-prefix "PRE DEBUG after MARK: "
Then, from an outside PC, I pinged the address 194.184.12.81 (adsl2) with success, then I pinged the address 194.184.12.85 without success.
In the iptables log there are many lines like these:
May 21 15:09:22 ottavio kernel: PRE DEBUG after MARK: IN=eth1 OUT= MAC=00:c0:49:b4:7f:c3:00:08:27:10:a9:a9:08:00 SRC=80.207.4.98 DST=194.184.12.85 LEN=84 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=17453 SEQ=1280
Where did I go wrong?
Thanks
Michele Cerioni
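
Added example, not part of the original message: a simplified Python model of the policy-rule lookup, built from the addresses and rules quoted above, that traces the marked echo request and the locally generated echo reply. The source-address rule (`from 194.184.12.85`) is an assumption that does not appear in the message, and connected routes are omitted because the message gives no netmasks.

```python
import ipaddress

# Simplified model of Linux policy routing: rules are tried in priority order;
# a rule selects a table, and the first table holding a matching route wins.
# Addresses and rules come from the message above; the model is constructed.
TABLES = {
    "local": [("194.243.12.15/32", "local", "lo"), ("194.184.12.85/32", "local", "lo")],
    "routeradsl2": [("0.0.0.0/0", "194.184.12.81", "eth1")],
    "main": [("0.0.0.0/0", "194.243.12.1", "eth0")],
    "default": [],
}
RULES = [  # (priority, selector, table), as printed by `ip rule ls`
    (0, {}, "local"),
    (32765, {"fwmark": 1}, "routeradsl2"),
    (32766, {}, "main"),
    (32767, {}, "default"),
]

def lookup(packet, rules=RULES):
    """Return (table, gateway, device) chosen for a packet dict, or None."""
    dst = ipaddress.ip_address(packet["dst"])
    for _prio, selector, table in sorted(rules, key=lambda r: r[0]):
        if any(packet.get(k) != v for k, v in selector.items()):
            continue  # rule selector (fwmark / from) does not match
        routes = [r for r in TABLES[table] if dst in ipaddress.ip_network(r[0])]
        if routes:  # longest prefix wins inside a table
            best = max(routes, key=lambda r: ipaddress.ip_network(r[0]).prefixlen)
            return table, best[1], best[2]
    return None

# Echo request from the log: arrives on eth1 and is marked 1 in PREROUTING.
REQUEST = {"src": "80.207.4.98", "dst": "194.184.12.85", "fwmark": 1}
# Echo reply: a new, locally generated packet; it never passes PREROUTING,
# so it carries no mark.
REPLY = {"src": "194.184.12.85", "dst": "80.207.4.98", "fwmark": 0}
# Assumption (not in the message): a source-address rule for the adsl2 address,
# i.e. `ip rule add from 194.184.12.85 table routeradsl2`.
RULES_BY_SOURCE = RULES + [(32764, {"src": "194.184.12.85"}, "routeradsl2")]

if __name__ == "__main__":
    print("request:", lookup(REQUEST))
    print("reply, fwmark rule only:", lookup(REPLY))
    print("reply, with source rule:", lookup(REPLY, RULES_BY_SOURCE))
```

In this model the marked request is delivered through the `local` table before the fwmark rule is reached, and the unmarked reply falls through to `main` and leaves via 194.243.12.1 on eth0 unless a rule keyed on its source address selects `routeradsl2`.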