On Monday 2005-October-24 10:25, Felipe Alcacibar wrote:
> Hi to all, I have the next problem.

Um, no, I think I was scheduled to have the next problem. Yours is the
previous one. ;)

> I have 2 machines, one, listen from port 80 of ip alias 192.168.0.220
> and another ip alias 10.0.0.5, and the other machine have listen a
> webserver in the port 8001 with a ip alias 10.0.0.1, and successfully
> make a connection from the 192.168.0.0/24 to 10.0.0.1 through the
> first machine, but the packages don't go back, because 10.0.0.1 does
> not route the packages to 10.0.0.5, and I can't do it, because the

I think (if I understand this) that source routing is your answer.

echo -e '10\tten' >> /etc/iproute2/rt_tables
# Names are friendlier to use than numbers. Both can be what you want,
# 10 and ten are examples. This just makes a routing table name you can
# use. It's optional; you can use the number in place of the table name.

ip rule add from 10.0.0.1 table ten
# Says that if the source IP is 10.0.0.1, to use the "ten" routing
# table.

ip route add default via 10.0.0.5 table ten
# The "ten" table has 10.0.0.5 as its default gateway.

ip route flush cache

> idea is listen 3 webservers listen on different ports with the same
> case, how I can do a DNAT, querying the source of the package, because
> I need in the machine 2, the packages outgoing from 10.0.0.1 from
> port 8001 go to 10.0.0.5 and this route the package with masqued

You might have to use mangle -j MARK and an ip rule command to put that
"fwmark" in the "ten" table. There might also be a pure netfilter
solution with the -j ROUTE target.

I have not done any of this, but I hope it points you in the right
direction.
-- 
mail to this address is discarded unless "/dev/rob0"
or "not-spam" is in Subject: header
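
The MARK plus "ip rule" variant suggested in the reply above, written out as an added example that is not part of the original message or the poster's own configuration. It reuses 10.0.0.1, 10.0.0.5, port 8001 and the "ten" table from the thread; the mark value 10, the helper names and the dry-run switch APPLY are assumptions, and further web server ports can be passed as extra arguments.

```shell
#!/bin/sh
# Added example (not from the thread): fwmark policy routing on machine 2.
# Dry run by default: commands are printed. APPLY=1 as root executes them.

SRC_IP=10.0.0.1    # from the thread: address the web server listens on
GATEWAY=10.0.0.5   # from the thread: machine 1 on the 10.0.0.x side
TABLE=ten          # table name from the reply (needs its rt_tables entry)
MARK=10            # assumption: any fwmark value not already in use

run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi
}

# Reject anything that is not a TCP port number before touching the system.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Usage: setup_policy_route PORT [PORT...]
setup_policy_route() {
    [ "$#" -ge 1 ] || { echo "usage: setup_policy_route PORT..." >&2; return 1; }
    for port in "$@"; do
        valid_port "$port" || { echo "invalid port: $port" >&2; return 1; }
    done
    # mangle/OUTPUT sees locally generated replies; a changed mark makes
    # the kernel redo the routing lookup for the packet.
    for port in "$@"; do
        run iptables -t mangle -A OUTPUT -s "$SRC_IP" -p tcp \
            --sport "$port" -j MARK --set-mark "$MARK" || return 1
    done
    # Marked packets consult table "ten", whose default route is machine 1.
    run ip rule add fwmark "$MARK" table "$TABLE" || return 1
    run ip route add default via "$GATEWAY" table "$TABLE" || return 1
    run ip route flush cache
}

setup_policy_route 8001
```

After applying for real, `ip rule show` and `ip route show table ten` list the fwmark rule and the default route.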