On Monday 03 January 2005 17:44, Markus Feilner wrote:
> Hello List,
> Can I use iptables to route traffic to or from one port via a different gateway than the default?
> If so, which is the right target? iptables ... -j REDIRECT?
> Or should I use a different software for that? Because of dyndns I cannot use the routing table for that hosts...

This seems a bit off topic for a security list, but nevertheless...

You create a routing table by entering it into /etc/iproute2/rt_tables, say

    10 alter

Then you add a default route to that routing table:

    ip route add <gateway network> dev <device> table alter
    ip route add default dev <device> via <gateway> src <source ip> table alter

Then you mark all packets going to ports x, y, z:

    iptables -t mangle -I PREROUTING -i <localnet interface> -p tcp -m multiport --dports x,y,z -j MARK --set-mark 0x10

Then you add a rule, saying all traffic your firewall marked should be routed using the routing table called alter:

    ip rule add fwmark 0x10 table alter

The example only shows tcp ports, but you can do the same for udp, obviously.

Note that packets routed with routing table "alter" will only ever go to the default gateway, unless you add other routes to that routing table.

-- 
Jure Koren, n.i.
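
The procedure from the reply above as a dry-run generator, an added example that is not part of the original post: it prints the commands for both tcp and udp and rejects malformed port lists before anything reaches iptables. The function name `gen_policy_route`, the interface names and the 192.0.2.0/24 addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: prints the policy-routing commands instead of running them.
# gen_policy_route and the sample addresses are hypothetical; the table name
# "alter" needs the "10 alter" entry in /etc/iproute2/rt_tables.

gen_policy_route() {
    # args: <lan-if> <wan-if> <gateway> <gateway-net> <src-ip> <mark> <ports>
    [ "$#" -eq 7 ] || { echo "usage: gen_policy_route lan_if wan_if gw gw_net src mark ports" >&2; return 1; }
    lan_if=$1 wan_if=$2 gw=$3 gw_net=$4 src=$5 mark=$6 ports=$7
    table=alter

    # Comma-separated decimal ports only: no empty fields, no stray characters.
    case $ports in
        ''|,*|*,|*,,*|*[!0-9,]*) echo "bad port list: $ports" >&2; return 1 ;;
    esac
    count=0
    for p in $(printf '%s' "$ports" | tr ',' ' '); do
        case $p in
            0*|??????*) echo "bad port: $p" >&2; return 1 ;;
        esac
        [ "$p" -le 65535 ] || { echo "port out of range: $p" >&2; return 1; }
        count=$((count + 1))
    done
    # The multiport match accepts at most 15 ports per rule.
    [ "$count" -le 15 ] || { echo "too many ports for one multiport rule" >&2; return 1; }

    echo "ip route add $gw_net dev $wan_if table $table"
    echo "ip route add default dev $wan_if via $gw src $src table $table"
    # One mark rule per protocol, since the post's rule covers tcp only.
    for proto in tcp udp; do
        echo "iptables -t mangle -I PREROUTING -i $lan_if -p $proto -m multiport --dports $ports -j MARK --set-mark $mark"
    done
    echo "ip rule add fwmark $mark table $table"
    # Read-only checks to run after applying the rules.
    echo "ip rule show"
    echo "ip route show table $table"
    echo "iptables -t mangle -L PREROUTING -n -v"
}

# Constructed sample values (documentation address range 192.0.2.0/24).
gen_policy_route eth1 eth0 192.0.2.1 192.0.2.0/24 192.0.2.10 0x10 25,80,443
```

The PREROUTING rules only see traffic forwarded from the LAN interface; traffic generated on the firewall itself passes through the mangle OUTPUT chain instead.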