Hello, I'm trying to configure a machine to send mail traffic out on eth0 and web traffic, via Squid, out of eth1, with the default gw on the eth0 interface. After spending most of the day of trying this and that and reading docs until my eye hurts, I have had zero luck making anything work expect for standard routing. The Advance Routing Howto makes it seams easy to do this, but I fear there is something left out, or something hidden in a section that should be there. I have read that docs, the ipfilter howto, and a few others docs, but I can't seam to figure out how to get this work. As my last recourse, I'm asking the list for help. Here's the setup. The kernel is a stock Fedora Core 1 and seams to be configure correctly: # grep CONFIG_IP_ADVANCED_ROUTER /boot/config-2.4.22-1.2115.nptl CONFIG_IP_ADVANCED_ROUTER=y # grep CONFIG_IP_MULTIPLE_TABLES /boot/config-2.4.22-1.2115.nptl CONFIG_IP_MULTIPLE_TABLES=y # grep CONFIG_IP_ROUTE_FWMARK /boot/config-2.4.22-1.2115.nptl CONFIG_IP_ROUTE_FWMARK=y I have enabled ip forwarding: # grep ip_forward /etc/sysctl.conf net.ipv4.ip_forward = 1 The iptables, ip rule and ip route statements are lifted right out of the docs: #iptables -A PREROUTING -i eth0 -t mangle -p tcp --dport 80 -j MARK --set-mark 1 #ip rule add fwmark 0x1 table www.out #ip route add default via $ETH1_GW dev eth1 table www.out And logging for the heck of it: #iptables -t mangle -A PREROUTING -m mark --mark 1 -j LOG --log-level DEBUG --log-prefix "fwmark 1:" Yet nothing seams to work and nothing is logging. It almost looks like iptables is not marking the packets correctly? What do I need to fix this? Thanks, Steven __________________________________ Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers! http://promotions.yahoo.com/new_mail _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
