Re: [LARTC] marking in OUTPUT --mangle; locally generated packetsand route lookup - broken?

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I tested your setup and it works fine (with 2.5 though). Are you sure you have
CONFIG_IP_ROUTE_FWMARK enabled for your running kernel ? ip rule won't give
errors if not ..

Bye
Patrick

lartc@xxxxxxxxxxxxxxxxxxx wrote:

hello all,

i have come accross a curious issue:

+----------------------+            +---------------+
| eth1   192.168.1.1   |------------| 192.168.1.250 |
| eth1:1 192.168.1.101 |            |               |
+----------------------+            +---------------+


iptables --append OUTPUT --table mangle --jump MARK --set-mark 0x2
ip rule add fwmark 0x2 table 2
ip route add 192.168.1.0/24 dev eth1 src 192.168.1.101 table 2
ip route flush cache


telnet 192.168.1.250 ; and tcpdump gives src ip address as 192.168.1.1


ip rule add to 192.168.1.250 table 2
ip route flush cache


telnet 192.168.1.250 ; and tcpdump gives src ip address as 192.168.1.101



are there issues concerning the marking of OUTPUT packets generated on
the local box that i should be aware of?


many, many thanks

charles




_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/




[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux