Hi all
I've tried to make policy based routing with ip and ipchains. My config
is as follows:
Slackware Linux 7.0 with kernel v 2.2.15,
iproute2-2.2.4-now-ss000225,
ipchains v 1.3.9
Memory 64MB
NIC - rtl8139
When I try to route with the following config everything is fine:
ip route add 0/0 via 1.1.1.1 table 5
ip rule add from 2.2.2.2 table 5 pref 100
ip rule show gives as expected:
0: from all lookup local
100: from 2.2.2.2 lookup 5
32766: from all lookup main
32737: from all lookup default
It's Ok and works fine.
When I try to set up more granular routing with ipchains:
ipchains -A input -i eth2 -p tcp -s 2.2.2.2/32 45000 -d 0/0 -m 2
ip route add 0/0 via 1.1.1.1 table 5
ip rule add fwmark 2 table 5 pref 100
I got this output from ip rule show:
0: from all lookup local
100: from all lookup 5
^^^^
??
32766: from all lookup main
32737: from all lookup default
and Linux tried to route all the packets it got via table 5, despite
ipchains.
What is wrong? Or maybe, what am I doing wrong?
Any suggestions are welcome
Maxim
--
This mail reflects the personal opinion of the author. It can differ
from the opinion of his employer.
Maxim Zimovets
Network Administrator
Zimovets@xxxxxxxxxxx
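
Added example, not part of the original message: a shell check for the symptom reported above, where a rule meant to select on fwmark is listed as a plain "from all" rule pointing at a custom table. The function names are hypothetical, and the sample input is the second ip rule show listing quoted in the message.

```shell
#!/bin/sh
# Flag policy-routing rules that match every packet yet send it to a
# custom table. Such a rule overrides the main table for all traffic.

# Constructed sample: the second `ip rule show` listing from the message.
sample_rules() {
cat <<'EOF'
0: from all lookup local
100: from all lookup 5
32766: from all lookup main
32737: from all lookup default
EOF
}

# Reads `ip rule show` text on stdin and prints "pref table" for every
# rule whose only selector is "from all" and whose table is not one of
# the built-in tables (local, main, default or their numeric ids).
find_catchall_rules() {
    awk '
    {
        pref = $1; sub(/:$/, "", pref)
        table = ""; narrowed = 0
        for (i = 2; i <= NF; i++) {
            if ($i == "from") { i++; if ($i != "all") narrowed = 1 }
            else if ($i == "lookup") { i++; table = $i }
            else narrowed = 1   # fwmark, to, tos, iif, ... restrict the rule
        }
        if (table == "" || narrowed) next
        if (table ~ /^(local|main|default|253|254|255)$/) next
        print pref, table
    }'
}

# On a live system: ip rule show | find_catchall_rules
sample_rules | find_catchall_rules
```

Any line it prints is a rule that will be applied to all packets regardless of marks set by the packet filter.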