I've this HW configuration:
----------------->router1---|
-Internet- |--->linux--->LAN
----------------->router2---|
router1 address 192.168.2.9
router2 address 192.168.2.10
linux address 192.168.2.22
linux default gateway 192.168.2.10
lan workstations use linux as proxy (squid at port 8080) 192.168.2.22
At now all trafic in lan goes to internet trougth router2, but II want
that the web traffic goes througth router1.
I've try marking the packages
#iptables -t mangle -A PREROUTING -p tcp --dport 80 -j MARK --set-mark 1
and add a route (as described in lartc)
# echo 201 web >> /etc/iproute2/rt_tables
# ip rule add fwmark 1 table web
# ip route add default via 192.168.2.10 table web
I've added the following rule:
iptables -t mangle -A POSTROUTING -p tcp --dport 80 -j MARK --set-mark 1
because packets are generated by proxy.
Some data:
:~# ip route ls
192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.252
default via 192.168.2.9 dev eth0
:~# ip rule ls
0: from all lookup local
32765: from all fwmark 1 lookup web
32766: from all lookup main
32767: from all lookup default
:~# ip route ls table web
default via 192.168.2.10 dev eth0
It doesn't work. What I'm doing wrong?
Thanks
--
a8888b.
d888888b.
8P"YP"Y88
8|o||o|88
8' .88
8`._.' Y8.
d/ `8b.
dP . Y8b.
d8:' " `::88b
d8" 'Y88b
:8P ' :888
8a. : _a88P
._/"Yaa_: .| 88P|
\ YP" `| 8P `.
/ \.___.d| .'
`--..__)8888P`._.'
