You have to capture the local packets in the OUTPUT chain, not in PREROUTING.

Well, I have a problem with the ping scripts used for dead gateway detection; I will post it in another thread.

-----Original Message-----
From: lartc-bounces@xxxxxxxxxxxxxxx [mailto:lartc-bounces@xxxxxxxxxxxxxxx] On Behalf Of Andrea
Sent: Tuesday, June 12, 2007 4:00 PM
Cc: lartc@xxxxxxxxxxxxxxx
Subject: Re: Re: multiple routing tables for internal router programs

> I was saying Andrea: Try to define a new routing table, add a chain in
> mangle table for tagging packets and add a rule to deliver those packets
> to the new route.
> Again, I'm sorry. I didn't know this is an "English-only" list.

Thanks for the reply. This is the exact way that I used for managing traffic of my LAN towards ISPs. But is this mode still valid if I want to manage services executed directly in the router?

This rule:

iptables -t mangle -A PREROUTING -p tcp --dport 80 -j MARK --set-mark 1

captures all (web) traffic that crosses my router. Can I capture only the (web) traffic generated from my router and directed to the internet?

Anyway, I don't need it anymore: I've resolved my problem, the conflict between a "ping script" (that I'm writing for multiple gateway testing) and servers executed in the router too. The first version of my script sets a default gateway for testing it with ping; now I've discovered that I can use a specific route involving the gateway without setting the default gateway, a much better solution.

_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
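
The advice in the reply at the top of this thread (mark router-generated packets in OUTPUT rather than PREROUTING), written out as an added example that is not part of the original messages. The table number 100, mark 1, interface eth2 and gateway 192.0.2.1 are assumed values, not taken from the thread.

```shell
#!/bin/sh
# Added example (constructed values): send web traffic generated BY the router
# itself out of a second uplink, using a mark set in the mangle OUTPUT chain.

MARK=1               # same mark value as the rule quoted in the thread
TABLE=100            # assumed routing table number
ALT_IF=eth2          # assumed second-uplink interface
ALT_GW=192.0.2.1     # assumed gateway (documentation address)

# Emit the commands one per line so they can be reviewed before being applied.
policy_route_cmds() {
    # Locally generated packets do not pass through the mangle chain used for
    # forwarded traffic, so the mark has to be set in OUTPUT.
    echo "iptables -t mangle -A OUTPUT -p tcp --dport 80 -j MARK --set-mark $MARK"
    # Dedicated table whose only default route is the alternate gateway.
    echo "ip route add default via $ALT_GW dev $ALT_IF table $TABLE"
    # Marked packets consult that table; a mark change in OUTPUT causes the
    # kernel to repeat the routing lookup for the packet.
    echo "ip rule add fwmark $MARK table $TABLE"
    # The source address was picked before the re-route, so rewrite it on egress.
    echo "iptables -t nat -A POSTROUTING -o $ALT_IF -m mark --mark $MARK -j MASQUERADE"
}

# With "apply" (as root) the commands are executed, stopping at the first
# failure; with any other argument they are only listed.
run_policy_route() {
    if [ "$1" = "apply" ]; then
        policy_route_cmds | sh -e
    else
        policy_route_cmds
    fi
}

run_policy_route "${1:-show}"
```

With strict reverse-path filtering on the alternate interface, replies to the re-routed connections can be dropped; loose mode (`rp_filter=2`) is the usual setting on a router with several uplinks.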