Flávio Costa wrote: [...]
When someone connects to the webserver by interface eth1 it doesn't work, because packets go back by the default route (eth2), which is not the same one they arrive on (eth1).
This is a late answer but maybe it's still helpful:

#!/bin/sh
ETH1_GW="xxx.xxx.xxx.xxx"
ETH1_IP="xxx.xxx.xxx.yyy"

# Start from a clean mangle table and an empty routing table 4
iptables -t mangle -F
ip route flush table 4
# Copy every non-default route from the main table into table 4
ip route show table main | grep -Ev '^default' | while read -r ROUTE ; do
    ip route add table 4 $ROUTE
done
# Table 4 gets its own default route via the eth1 gateway
ip route add table 4 default via $ETH1_GW
# Mark locally generated packets sourced from the eth1 address ...
iptables -t mangle -A OUTPUT -s $ETH1_IP -j MARK --set-mark 4
# ... and route marked packets with table 4
ip rule add fwmark 4 table 4
ip route flush cache

HTH,
Thomas
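
A dry-run variant of the script above, added here as an example and not part of the original post: it prints the commands for review instead of running them, and it deletes only its own mark rule rather than flushing the whole mangle table, so re-runs do not disturb other rules. The function name `gen_policy_routing` and the addresses in the usage comment are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): print the policy-routing
# commands for one uplink so they can be reviewed before being applied.
#
# Usage (addresses are constructed, from documentation ranges):
#   ip route show table main | gen_policy_routing 4 192.0.2.1 192.0.2.10
#   ip route show table main | gen_policy_routing 4 192.0.2.1 192.0.2.10 | sh

gen_policy_routing() {
    table=$1 gw=$2 src=$3

    # The table id doubles as the fwmark, as in the post; require a number.
    case $table in
        ''|*[!0-9]*) echo "table id must be numeric" >&2; return 1 ;;
    esac
    if [ -z "$gw" ] || [ -z "$src" ]; then
        echo "gateway and source IP are required" >&2
        return 1
    fi

    echo "ip route flush table $table"

    # Main-table routes arrive on stdin; copy all but the default route(s).
    while read -r route; do
        case $route in
            ''|default*) continue ;;
        esac
        echo "ip route add table $table $route"
    done

    echo "ip route add table $table default via $gw"

    # Remove a previous copy of our own rule instead of 'iptables -t mangle -F',
    # then add it again, so repeated runs leave exactly one rule behind.
    echo "iptables -t mangle -D OUTPUT -s $src -j MARK --set-mark $table 2>/dev/null || true"
    echo "iptables -t mangle -A OUTPUT -s $src -j MARK --set-mark $table"
    echo "ip rule del fwmark $table table $table 2>/dev/null || true"
    echo "ip rule add fwmark $table table $table"
    echo "ip route flush cache"
}
```
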