Hi, 2008/12/11 Pascal Hambourg <pascal.mail@xxxxxxxxxxxxxxx>: > Hello, > > Thomas Jacob a écrit : >> >> On Thu, 2008-12-11 at 13:18 +0100, Javier Gálvez Guerrero wrote: >>> >>> I need to route packets through different interfaces (let them be ath0 >>> and eth0) depending on the application source port, so I thought using >>> TOS or MARK targets of iptables would be helpful. >>> >>> Anyway, as I try configure it to mark the traffic and updating the >>> routing tables through many different ways, I can't get it working so >>> the packets are always sent through the "default" interface in the >>> main routing table. >>> >>> For example, if I use MARK I configure it this way: >>> >>> sudo iptables -A OUTPUT -t mangle -p tcp --dport 60301 -j MARK --set-mark >>> 1 >>> sudo iptables -A OUTPUT -t mangle -p tcp --dport 60302 -j MARK --set-mark >>> 2 > > These rules match the destination port. Replace --dport with --sport to > match the source port. Sorry, 60301 and 60302 are both destination port. I made a mistake when explaining it. I need to route packets depending on the DESTINATION port. The two interfaces (eth0 and ath0) are binded to different IP addresses both in the same range of the router and the destination host (192.168.0.0/24). Then, any idea? Thank you for your help, Javi > >> AFAIK, locally generated packets are routed before they are sent to >> netfilter, so setting fwmarks there to influence routing is pointless. > > A rerouting happens after the OUTPUT chains in order to take into account > destination NAT and marks. > -- > To unsubscribe from this list: send the line "unsubscribe netfilter" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html > -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
