You can use iproute2 to split your traffic.
http://lartc.org/howto/
follow a tip:
1- create a table with name bradesco
echo 200 bradesco>> /etc/iproute2/rt_tables
2- Marking the packages desirable ( 192.100.100.0/24> branch office
inside network, 128.2.0.0/16 head office inside network )
/sbin/iptables -t mangle -A PREROUTING -i eth0 -s 192.100.100.0/24 -d 128.2.0.0/16 -p tcp --dport 80 -j MARK --set-mark 1
/sbin/iptables -t mangle -A PREROUTING -i eth0 -s 192.100.100.0/24 -d 128.2.0.0/16 -p tcp --dport 443 -j MARK --set-mark 1
3- Add packages that have been marked with tag 1 to table bradesco
ip rule add fwmark 1 table bradesco prio 20
4- Add a gateway for table bradesco
ip route add default via tun0 table bradesco
where tun0 is your VPN tunnel address
But this is on the server isn't it?
It is the traffic from the client and all clients are outside of the
network.
So, a client from 88.11.11.11 connects to my VPN on fixed IP
123.123.123.123. Another client from 78.22.11.22 connects to
123.123.123.123.
I only want them to send port 80 traffic to the server but they should
direct all their email traffic and other apps through their normal ISP.
iptables cannot bounce the traffic back to the client because the client
won't know where to send it after that?