Hello,
Some strange things are happening, when I try to use routing decisions based on fwmark.
Ok.
host:~# ip rule add fwmark 19 lookup inet host:~# iptables -t mangle -F host:~# iptables -t mangle -A OUTPUT -j MARK --set-mark 19
[vs.]
host:~# ip rule add fwmark 1 lookup inet host:~# iptables -t mangle -A OUTPUT -j MARK --set-mark 1
A lot of people fall into this trap.
:) The problem is that the fwmark from iproute2 takes its argument as a hex value. So when you write the following line:I have no idea what I have done wrong and the workaround (by using "1") isn't really a good idea because is need plenty ( > 10) of fwmark targets.
ip rule add fwmark 19 lookup inet
You actually have 0x19 which is 25. So you need to to set the following according iptables mangle rule with MARK=19:
iptables -t mangle -A OUTPUT -j MARK --set-mark $((0x${MARK}))
It's probably a beginner's problem but there is not really a man page for this, so I say RTSL :)If this is a beginner's problem please say something like # man iptables
Cheers and HTH,
Roberto Nibali, ratz
--
echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq' | dc
