[CentOS] Routing local generted packets with fwmark

Fri Oct 15 10:23:49 UTC 2010


On 10/15/2010 08:48 AM, C. L. Martinez wrote:
>
> On Wed, Oct 13, 2010 at 11:22 AM, C. L. Martinez <carlopmart at gmail.com 
> <mailto:carlopmart at gmail.com>> wrote:
>
>     Hi all,
>
>      I need to route local generated packages depending on which tcp
>     or udp service I need to use. To accomplish this I have configured
>     two routing tables:
>
>     [root at lothlorien ~]# ip ru ls
>     0:      from all lookup 255
>     32762:  from all fwmark 0x2 lookup FirstLan
>     32763:  from all fwmark 0x1 lookup SecondLan
>     32764:  from 172.25.80.10 lookup SecondLan
>     32765:  from 172.25.70.18 lookup FirstLan
>     32766:  from all lookup main
>     32767:  from all lookup default
>
>     My routing tables:
>
>     [root at lothlorien net]# ip ro show table FirstLan
>     172.25.70.16/28 <http://172.25.70.16/28> dev eth1  proto kernel
>      scope link  src 172.25.70.18
>     default via 172.25.70.30 dev eth1
>
>     [root at lothlorien net]# ip ro show table SecondLan
>     172.25.80.0/24 <http://172.25.80.0/24> dev eth1  proto kernel
>      scope link  src 172.25.80.10
>     default via 172.25.80.1 dev eth2
>
>      And my iptables rule is:
>
>      iptables -t mangle -A OUTPUT -p udp --dport 53  -j MARK --set-mark 1
>
I had a similar problem, so I wrote the mark as 0x1 :
iptables -t mangle -A OUTPUT -p udp --dport 53  -j MARK --set-mark 0x1

--
MM
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20101015/9057882f/attachment.html>