Hi Mark,
Using the following lines it is possible to copy the default routing table
into a second. With the fwmark rule you can trigger the routing table from
iptables.
$ ip route flush table 4 > /dev/null 2>&1
$ ip route show table main | grep -Ev '^default' \
| while read ROUTE ; do
ip route add table 4 $ROUTE
done
$ ip rule add fwmark 4 table 4
$ ip route add default via xxx.xxx.xxx.xxx table 4
Iptables part
$ iptables -t mangle -A PREROUTING -s aaa.bbb.ccc.ddd -j MARK --set-mark 4
If your source is matching the rule, it will be send via the alternative
route, otherwise it will go via your normal route. Feel free to add more
hosts.
In case you wish to use loadsharing, then you have to use a different
approach. Read more about this at:
http://linux-ip.net/html/adv-multi-internet.html
http://www.ssi.bg/~ja/nano.txt
My problem here is that I still haven't heard about a solution where you have
a mixture of MASQUERAD'ing and NAT'ing.
At least I hope this will help you.
Regards
Kim
On Monday 24 March 2003 20:49, Mark Seamans wrote:
> Has anyone used iptables (realm support) to act like Cisco's route mapping?
> IE: Using it as a core ISP router with multiple uplinks. Route source ip
> A to gateway X, while routing source ip B to gateway Y.
>
> I have played around with iproute2's tables and rules with no success.
>
> Mark
