Leonardo Rodrigues Magalhães wrote:
Jan Engelhardt escreveu:
It is not completely not related. By changing things such as
nfmark, TOS field, source or destination address, routing can
be influenced, so I would not say it's totally unrelated :)
Changing all these parameters will do nothing if you dont have
appropriate routing rules that uses them as routing criteria parameters.
Well .... yes, it's not completly unrelated, iptables really can
'help' routing decisions with those things.
iptables can be used to help routing decisions, but this is not the
only way of doing it. You can have your source routing rules and get
advanced routing without iptables rules, it's not required, but yes can
be used sometimes. On pretty advanced routing situations, maybe iptables
'helping' rules would be necessary, but advanced routing can be done
without iptables.
I don't think any routing may be done without iptables. A simple
example: you have two internet connections and want to route all
outgoing smtp traffic (dst port=25) to one provider and the rest of the
traffic - to the other provider. How can you do this without marking
packets with iptables?
--
Alexei
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
