Hi all,

After having gnawed my way through tons of docs and having discussed this problem on the Linux Advanced Router & Traffic Control mailing list, I am simply beginning to be desperate.

My problem is as follows: I have 2 internet providers, QSC & Arcor. QSC is a fast connection where we have 32 static IP addresses which should be mapped to our 32 internal machines. Arcor is a cheap flat rate, where we wish to see all our traffic running. I have set up routing so that, using --set-mark, I can tell the routing system which route to pick by using an fwmark rule.

The way we wish to have the system working is rather simple: all traffic should go via the Arcor, only mail should go via the QSC. All incoming traffic for the QSC should of course be answered.

To match the setup, I'm trying two things: first, to make external connections, and second, to make internal connections.

When making an external connection, the packet passes through the firewall, enters my internal server, and is replied to correctly, but then when it hits the firewall it gets lost!

When making an internal connection, the packet hits the external server, an ack comes back and I receive this, but when sending anything after the first ack (initial reply), it gets lost as above!

My problem seems to be lying in the connection tracking, which simply doesn't work properly. I have a rule for all packets arriving on the QSC interface that they should have their destination rewritten to the internal net. This works fine, but apparently I'm making a mistake somewhere.

Instead of showing my embarrassing attempts at setting up a set of sensible iptables rules, can anyone please give me a hint as to what I have to do?

/Kim