Do you have "route by fwmark" compiled?
cheers,
jamal
On Tue, 18 Jul 2000, Maxim E. Zimovets wrote:
> Hi all
>
> I've tried to make policy based routing with ip and ipchains. My config
> is as follow:
> Slackware Linux 7.0 with kernel v 2.2.15,
> iproute2-2.2.4-now-ss000225,
> ipchains v 1.3.9
> Memory 64MB
> NIC - rtl8139
>
> When I try to route with following config everything is fine:
> ip route add 0/0 via 1.1.1.1 table 5
> ip rule add from 2.2.2.2 table 5 pref 100
>
> ip rule show gives as expected:
> 0: from all lookup local
> 100: from 2.2.2.2 lookup 5
> 32766: from all lookup main
> 32737: from all lookup default
> It's Ok and works fine.
>
> When I try to setup more granular routing with ipchains:
> ipchains -A input -i eth2 -p tcp -s 2.2.2.2/32 45000 -d 0/0 -m 2
> ip route add 0/0 via 1.1.1.1 table 5
> ip rule add fwmark 2 table 5 pref 100
>
> I got this output from ip rule show:
> 0: from all lookup local
> 100: from all lookup 5
> ^^^^
> ??
> 32766: from all lookup main
> 32737: from all lookup default
> and Linux tried to route all the packets it got via table 5 despite of
> ipchains at all.
>
> What is wrong? Or may be what do I do wrong?
> Any suggestions are welcome
> Maxim
> --
> This mail reflects the personal opinion of the author. It can differ
> from the opinion of his employer.
>
> Maxim Zimovets
> Network Administrator
> Zimovets@xxxxxxxxxxx
>
>
|