Hi,
I am connected to two DSL providers (DSL 1 - 1Mbps downlink/384kbps uplink and DSL 2 - 2Mbps downlink/512kpbs uplink)
I would like to only allow ftp, pop3 and http via the DSL 1 and only smtp, ipsec and pptp via DSL 2.
How can I do so? Can I use iproute to route these protocols?
Below is my ip routing: -
# DSL 1 ip route add 2.2.2.208/30 dev eth0 src 2.2.2.210 table 1 ip route add default via 2.2.2.209 table 1
# DSL 2 ip route add 3.3.3.116/30 dev eth2 src 3.3.3.118 table 2 ip route add default via 3.3.3.117 table 2
ip rule add from 2.2.2.208/30 lookup 1 ip rule add from 3.3.3.116/30 lookup 2
ip route add 3.3.3.116/30 dev eth2 table 1 ip route add 10.59.2.0/24 dev eth1 table 1 ip route add 127.0.0.0/8 dev lo table 1
ip route add 2.2.2.208/30 dev eth0 table 2 ip route add 10.59.2.0/24 dev eth1 table 2 ip route add 127.0.0.0/8 dev lo table 2
ip route add default scope global nexthop via 2.2.2.209 dev eth0 weight 1 nexthop via 3.3.3.117 dev eth2 weight 1
Below is my iptables: -
lanif="eth1" squid_box="10.59.2.3" lan_net="10.59.2.0/24"
$ECHO 1 > /proc/sys/net/ipv4/ip_forward
$IPTABLES -t nat -A PREROUTING -i $lanif -s ! $squid_box -p tcp --dport 80 -j DNAT --to $squid_box:3128 $IPTABLES -t nat -A POSTROUTING -o $lanif -s $lan_net -d $squid_box -j SNAT --to $lan_ip $IPTABLES -A FORWARD -s $lan_net -d $squid_box -i $lanif -o $lanif -p tcp --dport 3128 -j ACCEPT
$IPTABLES -t nat -A POSTROUTING -j MASQUERADE
Regards, ro0ot
_______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
