On Thu 15.11.2012, 15:05:54 PRA wrote:
> 1) eth0 = a.b.X.121 (gateway a.b.X.1)
> 2) eth1 = a.b.Y.21 (gateway a.b.Y.1)
>
> there is a sftp server which is ( a.b.X.122 ).
>
> Now whenever I run sftp command I need the traffic to be routed
> through eth1 interface.
>
> Basically I wanted to route SFTP traffic through eth1. I tried to do it
> using route but not successful

It would be useful if you had explained what you did.

1) Create a new routing table in /etc/iproute2/rt_tables (I call it sftp)

2) Configure this table:

    ip route add default dev eth1 src a.b.Y.21 scope global \
        protocol static table sftp

3) Send the sftp traffic to this table. This can be done using Netfilter's
   fwmark (I use value 22):

    ip rule add type unicast fwmark 22 priority 100 table sftp

4) Mark the sftp traffic with value 22:

    iptables -t mangle -A "$chain_name" -j MARK --set-mark 22

Depending on where the sftp traffic is coming from you need to put that in
OUTPUT or (and) FORWARD/PREROUTING. Of course, the command still needs the
criteria for detecting sftp traffic.

Hauke
-- 
☺
PGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5 (since 2012-11-04)
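The four steps from the reply as one script, as an added example that is not part of the original message. The addresses are constructed stand-ins for a.b.Y.21 and a.b.X.122, and the table id 200, the OUTPUT chain and the "TCP to the server on port 22" match are assumptions filling in what the reply leaves open.

```shell
#!/bin/sh
# Added example. Prints the commands by default; APPLY=1 (as root) runs them.
TABLE=sftp             # routing table name used in the reply
TABLE_ID=200           # assumption: any id not already used in rt_tables
MARK=22                # fwmark value used in the reply
DEV=eth1               # interface the sftp traffic should leave through
SRC=192.0.2.21         # constructed stand-in for a.b.Y.21
SERVER=198.51.100.122  # constructed stand-in for a.b.X.122
CHAIN=OUTPUT           # locally generated traffic; PREROUTING if forwarded

# Match criteria the reply leaves open (assumption): TCP to the server, port 22.
match() { printf '%s' "-p tcp -d $SERVER --dport 22"; }

policy_cmds() {
    # Step 1: register the table name unless it is already present.
    echo "grep -qw $TABLE /etc/iproute2/rt_tables || echo '$TABLE_ID $TABLE' >> /etc/iproute2/rt_tables"
    # Step 2: default route of the new table points out of eth1.
    echo "ip route add default dev $DEV src $SRC scope global protocol static table $TABLE"
    # Step 3: packets carrying the mark are looked up in that table.
    echo "ip rule add type unicast fwmark $MARK priority 100 table $TABLE"
    # Step 4: mark only the sftp connection, nothing else.
    echo "iptables -t mangle -A $CHAIN $(match) -j MARK --set-mark $MARK"
}

# Read-only checks to confirm the result after applying.
verify_cmds() {
    echo "ip rule show"
    echo "ip route show table $TABLE"
    echo "ip route get $SERVER mark $MARK"
    echo "iptables -t mangle -L $CHAIN -v -n"
}

if [ "${APPLY:-0}" = 1 ]; then
    policy_cmds | sh -e && verify_cmds | sh
else
    policy_cmds
fi
```

After applying, `ip route get 198.51.100.122 mark 22` should report `dev eth1`, and the packet counter on the mangle rule should increase while an sftp session is open.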