On Tue, Mar 29, 2005 at 09:34:05AM +0400, Visham Ramsurrun wrote:
> I wanted to ask if it is possible to have packets enter a firewall
> host on eth0 and get sent back on the same interface, i.e sth like
> ...-i eth0 -o eth0...
if your routing table says that a packet needs to go out eth0, then it
will go out eth0...if it happened to enter on eth0 isn't really part of
the decision.
> Is this possible using the iptables commands. If not, is there a way
> to do it (I mean by modifying IPTables code)?
if you are trying to override the normal routing decision, you could use
netfilter targets such as DNAT, or ROUTE...or you could use netfilter
MARK-ing in conjunction with iproute2, or just solely iproute2.
-j
--
"The kneebone's connected to the... something. The something's
connected to the... red thing. The red thing's connected to my wrist
watch... Uh oh."
--The Simpsons
