----- Original Message ----- From: "Joe Judge" <joe_judge@xxxxxxxxxxxx> To: <netfilter@xxxxxxxxxxxxxxxxxxx> Sent: Thursday, March 27, 2003 4:27 PM Subject: to patch, or not to patch? > Should I do the Patch-o-matic to get the ROUTE patch? > or is there a way to do this? If you don't want to use patch-o-matic and still get something close to ROUTE target, than use MARK target and advanced routing stuff as described in Linux Advanced Routing and Traffic Control HOWTO on http://lartc.org/. It is quite simple. You mark all packets you want to route differently. Then, you create an alternate routing table based on this very mark using iproute2 stuff. ROUTE target does it all in one shot, it is imho more simple, but you'll have to use POM, so build a new kernel and iptables from sources. MARK+iproute2 does not need POM usage, but likely needs a kernel build as your current one may not support advanced routing stuff, especially use Netfilter mark as routing key. -- Cédric Blancher <blancher@xxxxxxxxxxxxxxxxxx> Consultant en sécurité des systèmes et réseaux - Cartel Sécurité Tél: +33 (0)1 44 06 97 87 - Fax: +33 (0)1 44 06 97 99 PGP KeyID:157E98EE FingerPrint:FA62226DA9E72FA8AECAA240008B480E157E98EE
