Check this: the most simple setup does not work...

---
ip route flush table 2
# table 2 is the connection to internet
ip route add table 2 default via 192.168.2.1 dev eth0
# main table is empty
ip route flush table main
iptables -F
iptables -F -t mangle
iptables -F -t nat
iptables -t mangle -A PREROUTING -p tcp -m multiport --ports 22 -j MARK --set-mark 2
ip rule add fwmark 2 table 2
sysctl -w net.ipv4.conf.lo.rp_filter=0
sysctl -w net.ipv4.conf.default.rp_filter=0
sysctl -w net.ipv4.conf.all.rp_filter=0
ip route flush cache
---

SSH does not work from anywhere! Timeout error! BUG? Probably the rule doesn't work, BUT if I add this:

ip rule add from all table 2

the ssh connection works... Clearly the PREROUTING iproutes rule does not work.