i ve got the clasic firewall for my internal network but inteades of one internet gw ive got two. (internel 172.0.0.0/24) eth0 -#linux box#-eth2 (first gw to internet) #-ppp0 (second gw to internet) i have a trnasparent squid and a nat rule to redirect ports.. iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128 then squid looks for the webpages on the two gateways (multipath). now i would like to fwmark paquets generated by squid and thru a routeing table route only www packages to the gw i want. i tryed iptables -t mangle -A PREROUTING -p tcp --dport 80 -j MARK --set-mark 2 and then echo 201 www.out >> /etc/iproute2/rt_tables ip rule add fwmark 2 table www.out ip route add default gw via 1.1.1.1 dev ppp0 ip route flush cache and does not work!. if i create a rule like ip rule add to 2.2.2.2 table www.out ip route flush cache that does work!.. i think the mangling is not okay..how do i mangle paquetes generated by my own server? if anyone have some experience please help me! thanks in advance
