Hi Robert,

Routing the web traffic of my clients is solved with this:

iptables -t mangle -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j MARK --set-mark 0x2

and ip rule:

from all fwmark 0x2 lookup gw1

The problem I want to solve is with the traffic originated in the own firewall.

Greetings,

ESG

2009/12/10 Marti, Robert <RJM002@xxxxxxxx>

> You'd have to use something like squid and force all your clients to
> point to your squid instance. I have no experience with any of the
> router software for Linux nor do I know if any of them are available
> in rhel.
>
> Sent from my iPhone
>
> On Dec 10, 2009, at 5:12, "ESGLinux" <esggrupos@xxxxxxxxx> wrote:
>
> > Hi All,
> >
> > I have discovered a way to route all the traffic generated for my
> > firewall to go the gateway I want.
> > Here is what I have done:
> >
> > #ip rule add from 192.168.2.2/32 lookup gw1
> >
> > the ip 192.168.2.2 is the ip of the interface attached to eth1 and I
> > want that the traffic goes out to the interface eth2.
> >
> > The gw1 table has this:
> >
> > default via 192.168.3.1 dev eth2
> >
> > So with this rule all the traffic originated in the firewall that
> > has to go out to the default gw attached to eth1 goes to the gateway
> > attached to eth2.
> >
> > The question now is how can I only route, for example, the web
> > traffic to this gw...
> >
> > Greetings,
> >
> > ESG
> >
> > 2009/12/9 ESGLinux <esggrupos@xxxxxxxxx>
> >
> >> Hi all,
> >>
> >> I have posted several questions in this list about advanced routing
> >> with iproute2 to route the traffic as I want through 2 different ADSL
> >> lines.
> >>
> >> I use packet marks to route them through the selected gateway. All
> >> works fine, but I have a problem that I can't resolve.
> >>
> >> I need to route the traffic originated on the server I use as
> >> firewall/router but I don't see how to do it because the routing
> >> decision is made before the firewall does anything.
> >>
> >> From this web:
> >>
> >> http://www.linuxtopia.org/Linux_Firewall_iptables/c951.html
> >>
> >> Table 6-2. Source local host (our own machine)
> >>
> >> Step  Table  Chain  Comment
> >> 1                   Local process/application (i.e., server/client
> >>                     program)
> >> 2                   Routing decision. What source address to use,
> >>                     what outgoing interface to use, and other
> >>                     necessary information that needs to be gathered.
> >>
> >> so all the traffic generated in the machine goes to the default
> >> gateway and I can't control it,
> >>
> >> Any one knows how to solve this route problem?
> >>
> >> thanks in advance
> >>
> >> ESG

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
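
An added example, not part of the original thread: one way to apply the fwmark approach to traffic generated on the firewall itself is to mark it in the mangle OUTPUT chain, because local packets never pass PREROUTING and a mark change in that chain makes the kernel repeat the routing lookup. The mark 0x2, table gw1 and eth2 come from the thread; the `run` dry-run wrapper, the MASQUERADE rule and the check address 192.0.2.10 are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the thread. Values from the thread: mark 0x2,
# table gw1 (default via 192.168.3.1 dev eth2). Everything else is assumed.
# DRY_RUN=1 (default) only prints the commands; DRY_RUN=0 runs them (root).
DRY_RUN="${DRY_RUN:-1}"
MARK="0x2"
TABLE="gw1"
WAN_IF="eth2"
CHECK_DST="192.0.2.10"   # documentation address, used only for the lookup check

run() {
    if [ "$DRY_RUN" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

local_web_policy() {
    # 1. Locally generated packets traverse OUTPUT, not PREROUTING. Changing
    #    the mark in mangle OUTPUT triggers a second routing lookup, which
    #    can then match the fwmark rule.
    run iptables -t mangle -A OUTPUT -p tcp -m tcp --dport 80 \
        -j MARK --set-mark "$MARK"

    # 2. The fwmark rule already used in the thread for client traffic.
    run ip rule add fwmark "$MARK" lookup "$TABLE"

    # 3. The source address was picked by the first routing decision (the
    #    address on the default-gateway side), so rewrite it on the way
    #    out of eth2 or the replies return through the wrong line.
    run iptables -t nat -A POSTROUTING -o "$WAN_IF" -m mark --mark "$MARK" \
        -j MASQUERADE

    # 4. Drop cached routes (needed on older kernels), then ask the kernel
    #    which route a packet carrying the mark would take.
    run ip route flush cache
    run ip route get "$CHECK_DST" mark "$MARK"
}

local_web_policy
```

With DRY_RUN=0 the last command should report `via 192.168.3.1 dev eth2`. Strict reverse-path filtering on eth2 can still drop the replies, so check that setting if connections stall after the rules are in place.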