> Ok, now I understand your problem :-)
> In this case try this instead of the above (I think this you even had in your
> prev postings):
> ip rule add fwmark 2 table 2
>
> And add this for marking the pkts based on port(s):
> iptables -t mangle -A PREROUTING -p tcp -m multiport --ports 80,22 -j MARK --set-mark 2
>
> Both commands should be placed as early as possible within your script.

That is exactly what I want and what I try to say! But that is also exactly what is not working!

..my rp_filter is set to 0 in the kernel..

So I assume there is a bug in iptables for Ubuntu, something missing somewhere or a config to enable somewhere.. because it is a very simple set of rules...

The OUTPUT rules work fine, and the rule:

ip rule add from 192.168.2.0/24 table 2

all works.. Just the PREROUTING rules do not work for me..

Thks
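
An added example, not part of the thread: a small check that separates the two halves of the setup discussed above, namely whether an `ip rule` for fwmark 2 exists and whether the mangle PREROUTING MARK rule is matching any packets at all. The sample command outputs are constructed, and the function names (`fwmark_table`, `mark_hits`, `diagnose`) are hypothetical.

```shell
#!/bin/sh
# Constructed sample of `ip rule show` output (not taken from the poster's host).
SAMPLE_RULES='0: from all lookup local
32764: from all fwmark 0x2 lookup 2
32765: from 192.168.2.0/24 lookup 2
32766: from all lookup main
32767: from all lookup default'

# Constructed sample of `iptables -t mangle -L PREROUTING -v -n -x` output.
SAMPLE_MANGLE='Chain PREROUTING (policy ACCEPT 1200 packets, 98000 bytes)
    pkts      bytes target     prot opt in     out     source               destination
       0        0 MARK       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport ports 80,22 MARK set 0x2'

# Print the routing table that the rule listing ($1) selects for fwmark $2 (decimal).
fwmark_table() {
    printf '%s\n' "$1" | awk -v want="$(printf '0x%x' "$2")" '
        { for (i = 1; i < NF; i++) {
              if ($i == "fwmark") { m = $(i + 1); sub(/\/.*/, "", m) }  # drop any /mask
              if ($i == "lookup") t = $(i + 1)
          }
          if (m == want && t != "") { print t; exit }
          m = ""; t = "" }'
}

# Sum the packet counters of MARK rules in the mangle listing ($1) that set mark $2.
mark_hits() {
    printf '%s\n' "$1" | awk -v want="$(printf '0x%x' "$2")" '
        $3 == "MARK" { v = $NF; sub(/\/.*/, "", v); if (v == want) n += $1 }
        END { print n + 0 }'
}

# $1 = ip rule output, $2 = mangle PREROUTING listing, $3 = mark (decimal)
diagnose() {
    table=$(fwmark_table "$1" "$3")
    hits=$(mark_hits "$2" "$3")
    if [ -z "$table" ]; then echo "no-fwmark-rule"
    elif [ "$hits" -eq 0 ]; then echo "rule-present-but-no-packets-marked"
    else echo "marked=$hits table=$table"
    fi
}

# On a live router (root needed), feed it real output instead of the samples:
#   diagnose "$(ip rule show)" "$(iptables -t mangle -L PREROUTING -v -n -x)" 2
diagnose "$SAMPLE_RULES" "$SAMPLE_MANGLE" 2
```

A zero counter means the packets never match the MARK rule, so the routing rule is never consulted for them; a non-zero counter with unchanged routing points at the `ip rule` or the contents of table 2 instead.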