Andreas Grabner wrote: > Hi, > i try to get the following work for days now and realy need some > hints. My situaution: > I have 2 independent links to the internet. I would like to get > connections from the internet to an internal host work, regardless to > which of my external IP. > I tried it by marking packets coming in EXTIF1 and set up a own > routing table for marked packets. But it seems the routing does not > work bacause teh packets disappear between PREROUTING and FORWARD. > Please help! If your own IP's on the firewall aren't bound to the network, you'll have to disable rp_filtering. echo "0" > /proc/sys/net/ipv4/eth_whatever/rp_filter You'll also want to make sure outgoing packets are getting natted correctly (if you're natting). Routing the reply usually requires connmark to work properly.
