Hi all, I had a problem like that and i solved making a rule with iptables that all traffic to port 25 i was routing to ip that was accept to send. Or you may try to creat a rule when outgoing traffic is via ISP2 you change the source ip. Try a let me know. []'s Anderson > > Hello! > > I have set up a LINUX router with two seperate uplinks to do load > balancing. I made all the configuration after the "NANO -HOWTO to use > more than one independent Internet connection" document . I patched my > 2.4.24 kernel with patches, described in this document. My > configuration is: > ------------------------------------------------------- -------- > #!/bin/bash > #------------------------------ > LAN_IF - LAN interface > LAN_IP - LAN IP > LAN_NET - LAN network/mask > #------------------------------ > INET1_IF - external interface no. 1 > INET1_IP - external IP no. 1 > INET1_NET - external network/mask no. 1 > INET1_GW - remote gateway no. 1 > #------------------------------ > INET2_IF - external interface no. 2 > INET2_IP - external IP no. 2 > INET2_NET - external network/mask no. 2 > INET2_GW - remote gateway no. 2 > #------------------------------ > echo "1" > /proc/sys/net/ipv4/ip_forward > > /sbin/modprobe ip_conntrack_ftp > /sbin/modprobe ip_nat_ftp > /sbin/modprobe ip_conntrack_irc > /sbin/modprobe ip_nat_irc > > IPTABLES=/usr/sbin/iptables > > $IPTABLES -t filter -P INPUT ACCEPT > $IPTABLES -t filter -P OUTPUT ACCEPT > $IPTABLES -t filter -P FORWARD ACCEPT > $IPTABLES -t nat -P PREROUTING ACCEPT > $IPTABLES -t nat -P POSTROUTING ACCEPT > $IPTABLES -t nat -P OUTPUT ACCEPT > $IPTABLES -t mangle -P PREROUTING ACCEPT > $IPTABLES -t mangle -P INPUT ACCEPT > $IPTABLES -t mangle -P OUTPUT ACCEPT > $IPTABLES -t mangle -P FORWARD ACCEPT > $IPTABLES -t mangle -P POSTROUTING ACCEPT > $IPTABLES -t nat -F > $IPTABLES -t mangle -F > $IPTABLES -t filter -F > $IPTABLES -t filter -X keep_state > $IPTABLES -t nat -X keep_state > > $IPTABLES -t filter -N keep_state > $IPTABLES -t filter -A keep_state -m state -- state RELATED,ESTABLISHED -j ACCEPT > $IPTABLES -t filter -A keep_state -j RETURN > $IPTABLES -t nat -N keep_state > $IPTABLES -t nat -A keep_state -m state -- state RELATED,ESTABLISHED -j ACCEPT > $IPTABLES -t nat -A keep_state -j RETURN > > $IPTABLES -t nat -A PREROUTING -j keep_state > $IPTABLES -t nat -A POSTROUTING -j keep_state > $IPTABLES -t nat -A OUTPUT -j keep_state > $IPTABLES -t filter -A INPUT -j keep_state > $IPTABLES -t filter -A FORWARD -j keep_state > $IPTABLES -t filter -A OUTPUT -j keep_state > > /sbin/ip rule del prio 50 table main > /sbin/ip rule add prio 50 table main > /sbin/ip route del default table main > > /sbin/ip rule del prio 201 from $INET1_NET table 201 > /sbin/ip rule add prio 201 from $INET1_NET table 201 > /sbin/ip route add default via $INET1_GW dev $INET1_IF \ > src $INET1_IP proto static table 201 > /sbin/ip route append prohibit default table 201 metric 1 proto static > > /sbin/ip rule del prio 202 from $INET2_NET table 202 > /sbin/ip rule add prio 202 from $INET2_NET table 202 > /sbin/ip route add default via $INET2_GW dev $INET2_IF \ > src $INET2_IP proto static table 202 > /sbin/ip route append prohibit default table 202 metric 1 proto static > > /sbin/ip rule del prio 222 table 222 > /sbin/ip rule add prio 222 table 222 > /sbin/ip route add default table 222 proto static \ > nexthop via $INET1_GW dev $INET1_IF \ > nexthop via $INET2_GW dev $INET2_IF > > $IPTABLES -t nat -A POSTROUTING -o $INET1_IF - s $LAN_NET -j SNAT --to-source $INET1_IP > $IPTABLES -t nat -A POSTROUTING -o $INET2_IF - s $LAN_NET -j SNAT --to-source $INET2_IP > ------------------------------------------------------- -------------------------- > > Load balancing works well, and everything seems to be O K. > But there is a problem: two uplinks are from different ISP's, so they > have their own SMTP servers. I have to use only one SMT P server to > send e-mail, so I set up SMTP server of ISP1 in my e- mail client > program. But because of load balancing, SMTP traffic so metimes go > through the second line ISP2, and then the SMTP server of ISP1 refuses > to accept my message. > > So I would like to "tie" SMTP traffic to ISP1 line. Wha t rules should > I use? Perhaps I should mark all the SMTP traffic with IPTABLES MARK? > > I would be very grateful for your help and suggestions. .. > > Rokas Zakarevicius > > > _______________________________________________ > LARTC mailing list / LARTC@xxxxxxxxxxxxxxx > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: ht tp://lartc.org/ > __________________________________________________________________________ Acabe com aquelas janelinhas que pulam na sua tela. AntiPop-up UOL - É grátis! http://antipopup.uol.com.br/ _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
