Hi, I have a multihomed machine to which I'd like to check the status of
each line periodically. I want to do this so that I can modify the iptables
rules and send new connections out over the active lines and restore service
when the line comes back up.

I thought I could use ping with the -I option, but that doesn't seem to
work; it always uses the default route. However, if I get rid of the default
route and modify the rules to match the packets, I get a "network
unreachable" message without it ever hitting iptables. For example, adding
something like this never gets matched for the ping:

    iptables -t mangle -I OUTPUT -j LOG --log-prefix "output: "

Normally ping results in ICMP messages being traversed, but not this time.
Could someone explain what is going on? I'd be grateful if there were any
suggestions on other ways to detect if a line is down - simply looking in
/proc/net/dev or similar wouldn't help as the local connection is likely to
be up, but the physical line to the ISP may be down.
Thanks
John