Oh, sorry for HTML!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!! Hello! I had found a script to multipath DSL connections: http://linux.com.lb/beta/index.pl?node=Load%20Balancing%20Across%20Multiple% 20Links I have made some modifications, but in second part of this mail are some errors: __________________________________________________________________ First the script: __________________________________________________________________ #!/bin/bash # iptables userspace executable iptables="/usr/local/sbin/iptables" # Internal Interface NET_INT_INT=eth0 # Internal IP NET_INT_IP=192.168.20.1 # Internal Subnet NET_INT_SUB=24 # Internal Network NET_INT_NET=192.168.20.0 # First external interface NET_EXT_INT1=eth1 # First external IP NET_EXT_IP1=192.168.21.1 # First external interface's gateway NET_EXT_GW1=192.168.21.2 # Second external interface NET_EXT_INT1=eth2 # Second external IP NET_EXT_IP1=192.168.22.1 # Second external interface's gateway NET_EXT_GW1=192.168.22.2 echo "Flushing All Tables" iptables -F iptables -F -t nat iptables -F -t mangle iptables -X -t nat iptables -X -t mangle iptables -X echo "Mangle eth1" iptables -t mangle -N eth1 iptables -t mangle -F eth1 iptables -t mangle -A eth1 -p tcp -j LOG --log-prefix " MANGLE_TCP_ETH1 " iptables -t mangle -A eth1 -p icmp -j LOG --log-prefix " MANGLE_ICMP_ETH1 " iptables -t mangle -A eth1 -j MARK --set-mark 1 echo "Mangle eth2" iptables -t mangle -N eth2 iptables -t mangle -F eth2 iptables -t mangle -A eth2 -p tcp -j LOG --log-prefix " MANGLE_TCP_ETH2 " iptables -t mangle -A eth2 -p icmp -j LOG --log-prefix " MANGLE_ICMP_ETH2 " iptables -t mangle -A eth2 -j MARK --set-mark 2 echo "NAT" iptables -t nat -N SPOOF_ETH1 iptables -t nat -F SPOOF_ETH1 iptables -t nat -A SPOOF_ETH1 -j LOG --log-prefix " SPOOF_ETH1 " iptables -t nat -A SPOOF_ETH1 -j SNAT --to-source $NET_EXT_IP1 iptables -t nat -N SPOOF_ETH2 iptables -t nat -F SPOOF_ETH2 iptables -t nat -A SPOOF_ETH2 -j LOG --log-prefix " SPOOF_ETH2 " iptables -t nat -A SPOOF_ETH2 -j SNAT --to-source $NET_EXT_IP2 echo "Setting some local network rules..." iptables -A INPUT -p icmp -s $NET_INT_NET/$NET_INT_SUB -d $NET_INT_IP -j ACCEPT echo "Setting Mangle rules for eth1..." iptables -t mangle -A OUTPUT -o ! $NET_INT_INT -m random --average 50 -j eth1 iptables -t mangle -A PREROUTING -i $NET_INT_INT -m random --average 50 -j eth1 ip ro add default via $NET_EXT_GW1 dev $NET_EXT_INT1 table 10 ip ru add fwmark 1 table 10 ip ro fl ca echo "Setting Mangle rules for eth2..." iptables -t mangle -A OUTPUT -o ! $NET_INT_INT -m random --average 50 -j eth2 iptables -t mangle -A PREROUTING -i $NET_INT_INT -m random --average 50 -j eth2 ip ro add default via $NET_EXT_GW2 dev $NET_EXT_INT2 table 20 ip ru add fwmark 2 table 20 ip ro fl ca echo "Setting up spoofing rules..." iptables -t nat -A POSTROUTING -o $NET_EXT_INT1 -j SPOOF_ETH1 iptables -t nat -A POSTROUTING -o $NET_EXT_INT2 -j SPOOF_ETH2 echo "Adding default route..." ip ro add default nexthop via $NET_EXT_GW1 dev $NET_EXT_INT1 weight 1 nexthop via $NET_EXT_GW2 dev $NET_EXT_INT2 weight 1 echo "Disabling Reverse Path Filtering..." echo 0> /proc/sys/net/ipv4/conf/eth1/rp_filter echo 0> /proc/sys/net/ipv4/conf/eth2/rp_filter echo "Enabling IPv4 Packet forwarding..." echo "1"> /proc/sys/net/ipv4/ip_forward __________________________________________________________________ Second the errors: __________________________________________________________________ debian:~/script# sh natfilter Flushing All Tables Mangle eth1 Mangle eth2 NAT iptables v1.2.6a: Unknown arg `--to-source' Try `iptables -h' or 'iptables --help' for more information. Setting some local network rules... Setting Mangle rules for eth1... Setting Mangle rules for eth2... Error: an inet address is expected rather than "dev". Setting up spoofing rules... Warning: weird character in interface `-j' (No aliases, :, ! or *). Bad argument `SPOOF_ETH2' Try `iptables -h' or 'iptables --help' for more information. Adding default route... Error: an IP address is expected rather than "dev" Disabling Reverse Path Filtering... Enabling IPv4 Packet forwarding... __________________________________________________________________ Thank you very much! Direct contact: fte112 (at) gmx.de _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
