Chris Wilson wrote:
Hi Ruslan,
Can you help me to construct logic: (from src1 OR from src2) AND
dst=some_dst_addr THEN mark packet with 108
Possible form: (from src1 OR from src2 OR from src3 OR ... and so on)
AND dst=some_dst_addr THEN mark packet with 108
That's easy:
iptables -
iptables -t mangle -N setmark
iptables -t mangle -A setmark -j MARK --set-mark 107
iptables -t mangle -A POSTROUTING -s src1 -d dst1 -j setmark
iptables -t mangle -A POSTROUTING -s src2 -d dst1 -j setmark
iptables -t mangle -A POSTROUTING -s src3 -d dst1 -j setmark
Can you give me an example with above networks? - i mean packets with
(src=193.220.70.0/27 or with src=193.108.240.0/22) and
dst=193.220.70.32/27 will be marked with 108.
Just substitute whatever addresses you want into the above.
Cheers, Chris.
Do below lines the same? :
iptables -t mangle -N setmark
iptables -t mangle -A setmark -s src1 -d dst1 -j MARK --set-mark 107
iptables -t mangle -A setmark -s src2 -d dst1 -j MARK --set-mark 107
iptables -t mangle -A setmark -s src3 -d dst1 -j MARK --set-mark 107
iptables -t mangle -A POSTROUTING -j setmark
Thanks in advance,
Ruslan
