Fabio Silva wrote:
> hi list, i need help
> i have two links
>
> LINK 1
> Internet Linux ---- LAN
> LINK 2
>
>
> i need that the traffic web goes to link 2
> i use squid in the linux with transparent proxy i´ve tried to use
> squid parameter "tcp_outgoing_address" but it doesnt work.
I don't know about squid, but this should do it.
--------BEGIN--------
# this is untested, so be sure to look at it closely
# make a chain for marking packets
iptables -t mangle -N link2
iptables -t mangle -A link2 -j mark --set-mark 0x08 # 8 is arbitrary
iptables -t mangle -A link2 -j ACCEPT
# send http traffic to that chain
iptables -t mangle -A PREROUTING \
-m multiport -p tcp --dport www,https -j link2
# set a rule for packets marked with "8" to go to table 8
ip rule add fwmark 8 table 8
# set up the default route for table 8
# replace $LINK2_GW with the gateway for link2 (at your ISP)
# replace $LINK2_DEV with the interface of link2 (eth1 or eth2, etc.)
ip route add default via $LINK2_GW dev $LINK2_DEV table 8
--------END--------
You may need to set up SNAT or masquerade separately for link2. If you
need help with that, I'll send a sample.
-Corey
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
