On 12/10/2009 10:54 AM, ESGLinux wrote:
Hello,
The problem with that is that the routing decision is made before the
packets get marked, so although I get the packets marked they follow the
route decided in the previous steps
you can see this steps in this web:
http://www.linuxtopia.org/Linux_Firewall_iptables/c951.html
<http://www.linuxtopia.org/Linux_Firewall_iptables/c951.html>or am I doing
anything wrong?
Thanks,
ESG
2009/12/10 Moby<moby@xxxxxxxxxxxxxx>
For local traffic, set your mark on all traffic originiating from
127.0.0.1 and other local IPs of the machine sent to destination port 80 or
443.
--
--Moby
They that can give up essential liberty to obtain a little temporary safety
deserve neither liberty nor safety. -- Benjamin Franklin
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
I looked at the link you posted, and most I can say is perhaps the
document there needs some correct.
I have the following line in my config:
iptables -t mangle -A PREROUTING -s 127.0.0.0/24 -j MARK --set-mark 2
and I know for sure it works.
You may perhaps want to try something along these lines and see what
happens in your case?
--
--Moby
They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -- Benjamin Franklin
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
