On 8 Nov 2012, at 22:13, Michal Soltys wrote:

> You can do hybrid of sorts - that is set mark in iptables (with all the
> matching power of iptables), then use fwmark match in ip rule.
>
> Not precisely what you're after, but gives you the same - unless of
> course you want to avoid ip rule at all cost. Once in the past there was
> ROUTE target, but it was dropped at some point (I think). Besides, ip
> rule fwmark provides essentially the same.

I thought there used to be a ROUTE target but had concluded I was
imagining things.

The situation is (essentially) that I have interfaces that appear
and disappear quite dynamically. iptables seems to cope well with
interfaces that disappear occasionally, whereas the routing table
stuff does not. Actually I don't need to know what interface I am
routing out of, I want to simply route anything matching my iptables
rule to a next hop with a particular IP address (however that is reached).

So I can do that with fwmark and ip rule, with a routing table which
routes everything to one IP, but that means one routing table per rule,
which isn't going to scale quite the way I'd like (I'm presuming
generating several hundred routing tables is not a fantastic idea).

-- 
Alex Bligh
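
The mark-then-rule arrangement discussed in this thread, as an added example that is not part of either poster's message: a generator that prints (does not run) the `iptables`, `ip rule` and `ip route` commands for a policy list. The function names, the `next-hop|match` input format, the base id 100 and the sample addresses are assumptions of this example, as is the choice to share one mark and table among policies with the same next hop.

```shell
#!/bin/sh
# Added example: emit, without executing, the commands for fwmark-based
# policy routing. Review the output before running it as root.

BASE=100   # assumption: marks / routing table ids from 100 up are unused

# stdin:  one policy per line, "<next-hop>|<iptables match spec>"
# stdout: commands; policies with the same next hop share one mark,
#         one ip rule and one routing table.
gen_policy_routing() {
    seen=""            # space-separated "nexthop=id" pairs already emitted
    next_id=$BASE
    while IFS='|' read -r hop match; do
        [ -n "$hop" ] || continue
        id=""
        for pair in $seen; do
            if [ "${pair%%=*}" = "$hop" ]; then id="${pair#*=}"; fi
        done
        if [ -z "$id" ]; then
            id=$next_id
            next_id=$((next_id + 1))
            seen="$seen $hop=$id"
            # The table holds a single default route. The kernel needs a
            # connected route to $hop at the time this command is run.
            echo "ip route replace default via $hop table $id"
            echo "ip rule add fwmark $id lookup $id priority $id"
        fi
        # The mark is set in mangle/PREROUTING, before the routing decision
        # for forwarded traffic; locally generated traffic would use OUTPUT.
        echo "iptables -t mangle -A PREROUTING $match -j MARK --set-mark $id"
    done
}

# Constructed sample input (documentation address ranges).
sample_policies() {
cat <<'EOF'
192.0.2.1|-s 10.0.1.0/24 -p tcp --dport 80
192.0.2.2|-s 10.0.2.0/24
192.0.2.1|-s 10.0.3.0/24 -p udp --dport 53
EOF
}

sample_policies | gen_policy_routing
```

With the sample input, three iptables rules map onto two marks and two routing tables, because the first and third policies share a next hop.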