[CentOS] Routing issue
Gordon Messmer
yinyang at eburg.com
Thu Sep 27 15:24:33 UTC 2012
On 09/27/2012 06:36 AM, Steve Clark wrote:
> I was trying to figure out what criteria to use to mark the connection.
> FTP is such a
> braindead application, using to channels and active and passive mode.
> What really
> needs to happen is someway to tell the kernel to recheck the routing
> after SNAT.
I'm mostly sure that if you mark the *connection* to the FTP server, the
related data will follow its path.
Again, multipath routing is complex, and Shorewall will do it properly.
At the very least, I recommend building a working configuration with
Shorewall and then reading the rules that it compiles to understand why
it handles routing the way that it does.
More information about the CentOS
mailing list