Hi,

I've configured a gateway between two networks that uses tun:

    A --> B <--> C --> D

A is a normal desktop computer, B and C are the routers, and D is a web server on the other network.

A sends traffic to D, so it arrives at B, is redirected to the tun0 device for processing (custom security) and is then sent to D through C. When the packet comes back from D, it enters B, is redirected to tun1 for processing and is delivered to A. Everything works fine.

My problem is when the traffic source is B: when the packet comes back to B, its destination IP matches the local IP, so it's not redirected to tun1 and it's not processed. Incoming packets on the local IP are not processed by the prerouting chain.

What I use to redirect is:

    iptables -A PREROUTING -t mangle -i eth0 -p tcp -j MARK --set-mark 1
    iptables -A PREROUTING -t mangle -i eth0 -j ACCEPT
    ip rule add fwmark 1 table 100
    ip route add default dev tun0 table 100

Someone suggested using iptables -j ROUTE to force routing even in this case. But there's no way to use this patch on a recent kernel.

Any other tip?

Thank you in advance