Hi!
I have written a target for this: www.glsys.eu/iface
Swifty
John Lister írta:
Hi, I have a multihomed machine to which i'd like to check the status
of each line periodically. I want to do this so that I can modify the
iptables rules and send new connections out over the active lines and
restore service when the line comes back up.
I thought I could use ping with the -I option, but that doesn't seem
to work, it always uses the default route. However if I get rid of the
default route and modify the rules to match the packets I get a
"network unreachable" message without it ever hitting iptables. For
example adding something like this never gets matched for the ping.
iptables -t mangle -I OUTPUT -j LOG --log-prefix "output: "
Normally ping results in ICMP messages being traversed, but not this
time.
Could someone explain what is going on and I'd be grateful if there
were any suggestions on other ways to detect if a line is down -
simply looking in /proc/net/dev or similar wouldn't help as the local
connection is likely to be up, but the physical line to the ISP may be
down.
Thanks
John
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
