Hi Marcelo,
I have a Linux box in the border of a customer and have the following setup:
This box runs Squid, in transparent mode. I redirect all traffic to internet on port 80
to port 3128 on the box, when coming from eth2 and eth3.
I need to make all traffic from eth2 and eth3 get to the Internet through eth0 and the
traffic the firewall originates too.
Only traffic received from a single host in eth3 and coming from eth1 should get out
through eth1.
You should be able to use 2 routing tables.
One with a default gateway via eth1, and the other via eth0.
You then use policy routing rules,
like this, I think:
ip route add 0/0 via eth2-gw-IP table 1
ip rule add pref 1000 from eth2-gw-IP lookup 1
ip route add default nexthop via eth2-gw-IP dev eth2
ip route add 0/0 via eth1-gw-IP table 2
ip rule add pref 1001 from eth1-gw-IP lookup 2
ip rule add pref 1002 from eth3-single-IP lookup 2
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Damion de Soto - Software Engineer email: damion@xxxxxxxxxxxx
SnapGear - A CyberGuard Company --- ph: +61 7 3435 2809
| Custom Embedded Solutions fax: +61 7 3891 3630
| and Security Appliances web: http://www.snapgear.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- Free Embedded Linux Distro at http://www.snapgear.org ---
_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
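
The setup discussed in this message written out as one script, as an added example that is not part of the original message. It assumes the interface roles from the question (default route through eth0 in the main table, table 2 through eth1); every address and variable name is a constructed placeholder. With DRY_RUN=1, the default, it only prints the commands.

```shell
#!/bin/sh
# Added example. Addresses are constructed placeholders, not from the thread.
ETH0_GW=${ETH0_GW:-192.0.2.1}         # assumed gateway reached through eth0
ETH1_GW=${ETH1_GW:-198.51.100.1}      # assumed gateway reached through eth1
ETH1_ADDR=${ETH1_ADDR:-198.51.100.2}  # assumed address of this box on eth1
ETH3_HOST=${ETH3_HOST:-10.0.3.50}     # assumed single host behind eth3
OTHER_HOST=${OTHER_HOST:-10.0.3.51}   # assumed ordinary host behind eth3
PROBE_DST=${PROBE_DST:-203.0.113.10}  # assumed Internet destination for checks
DRY_RUN=${DRY_RUN:-1}                 # 1 = print commands, 0 = execute (root)

run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

setup_policy_routing() {
    # Main table: everything not matched by a rule below leaves through eth0,
    # including traffic the firewall originates (Squid's outbound requests).
    run ip route replace default via "$ETH0_GW" dev eth0
    # Table 2 holds the alternative default route through eth1.
    run ip route replace default via "$ETH1_GW" dev eth1 table 2
    # Drop rules left by an earlier run so repeated runs do not stack copies.
    run ip rule del pref 1001 2>/dev/null || true
    run ip rule del pref 1002 2>/dev/null || true
    # Replies sourced from the eth1 address go back out through eth1.
    run ip rule add pref 1001 from "$ETH1_ADDR" lookup 2
    # Forwarded traffic from the single eth3 host uses table 2. Port 80 traffic
    # intercepted by Squid is re-sent with the box's own source address, so it
    # does not match this rule.
    run ip rule add pref 1002 from "$ETH3_HOST" lookup 2
}

show_checks() {
    # Ask the kernel which route each flow would take.
    run ip rule show
    run ip route get "$PROBE_DST" from "$ETH3_HOST" iif eth3   # expect dev eth1
    run ip route get "$PROBE_DST" from "$OTHER_HOST" iif eth3  # expect dev eth0
}

case "${1:-}" in
    apply) DRY_RUN=0; setup_policy_routing; show_checks ;;
    show)  setup_policy_routing; show_checks ;;
esac
```

Run it with the argument show to print the command sequence, or with apply as root to execute it and then display the resulting rule list and route lookups.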