Hi ! I have a question about conntrack ... I have one box, action as router, with 2 internet connections (one ADSL and one Wifi) and a connection to my network ... I have some DNAT rules, for example, to redirect port 25 on my 'router' to my mail server (IP 192.168.1.2) ... the problem is .. actually I only use ADSL for other services and Wifi for email .. (I use FWMARK and IPROUTE2 to do this) ... There isn't any way to conntrack/other methods to do a redirect in both links .. and conntrack (using ESTABLISHED state information) to decide witch route to take .. or any rules I can mark it using this info and decide with iproute2 ? Actually I use iptroute2 with matches a FWMARK created with this iptables rule : iptables -t mangle -A FORWARDING -s $MY_SMTP -m tcp -p tcp --sport smtp -j MARK --set-mark 0xa2 but if my wifi link goes down, i have to manually remove this mark to allow packets comming from my SMTP to take ADSL route :o/ ... Thanks ! Theo
