[LARTC] Netfilter & iproute - marking packets

Linux Advanced Routing and Traffic Control


Howzit guys,

I've just subscribed to the list, so I don't know if I'll get flamed for
not checking the archives first, if there are any.

Anyway, here's the problem I've got.

I have a box with a public IP on eth1 that hooks onto the router for a
leased line.

The LAN has a Windows XP (YAY!!!) box with a USB ADSL modem (that's why
it isn't on the Linux box) that I can also use as a default gateway for
the Linux box.

Now here's where it gets interesting, I want to forward any browsing to
the XP box so that I can get the advantage of the fast DSL line. And
anything needing a static address, i.e. Mail MX, remote admin etc., to go
through the router.

Here's my setup at the moment.

Linux box has a default gateway of the router, then I've read the
section in the howto that's the same as the subject. So that packets
with a dport of 80 are being marked with a 1 and then I've got an ip
rule that says fwmarks of 1 must lookup proxy. And proxy's default route
points to the XP box. But it doesn't work; if I do the same with dport
25 but I use the OUTPUT chain then it uses the ADSL IP.

I hope this makes sense, cuz I've prolly not just confused all of you
but myself too.

Here are the rules that I'm using, for extra reference:
---------------------------
[root@xxxx root]# ip rule ls
0:      from all lookup local 
32765:  from all fwmark        1 lookup proxy 
32766:  from all lookup main 
32767:  from all lookup 253 
---------------------------
[root@xxxx root]# ip route show 
196.xx.xx.x/30 dev eth1  scope link 
192.168.0.0/22 dev eth0  scope link 
127.0.0.0/8 dev lo  scope link 
default via 196.xx.xx.x dev eth1 
---------------------------
[root@xxxx root]# ip route show table proxy
default via 192.168.0.1 dev eth0 
---------------------------
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
MARK       tcp  --  anywhere             anywhere           tcp dpt:snews MARK set 0x1 
MARK       tcp  --  anywhere             anywhere           tcp dpt:https MARK set 0x1 
MARK       udp  --  anywhere             anywhere           udp dpt:www MARK set 0x1 
MARK       tcp  --  anywhere             anywhere           tcp dpt:www MARK set 0x1 
---------------------------

Notice that currently I am not using the PREROUTING chain because that
gives no results at all.

Also I have checked that 
IP: advanced router (CONFIG_IP_ADVANCED_ROUTER) [Y/n/?]
IP: policy routing (CONFIG_IP_MULTIPLE_TABLES) [Y/n/?]
IP: use netfilter MARK value as routing key (CONFIG_IP_ROUTE_FWMARK) [Y/n/?]
are compiled into the kernel, and the modules are loaded.

Please guys, any help would be greatly appreciated.


-- 
   Riaan Annandale
   Client Services: Corporate Support Engineer
   TISCALI (PTY) LTD
   THE COMMUNICATION COMPANY
   42 Wierda Road West, Wierda Valley, Sandton
   Mobile :
   Office :  +27 11 286 5014
   Fax :
   E-Mail : Riaan.Annandale@xxxxxxxxxxxxxx
   http://www.tiscali.co.za
