
Re: Traffic separation



On Sun, 11/11/2007 at 10:54 +0300, Mikhail A Antonov wrote:
> On 10 November 2007, Tiurin Alexandr wrote:
> >  Good day.
> >  The computer is connected to the provider on 2 tariff plans. I.e. there
> >  are 2 IPs from the same network, one IP for each tariff plan
> >  respectively. Both IPs sit on one network card.
> >  I need specific programs to go out to the network from specific
> >  IPs.
> 1 - you can split the IPs using vserver or openvz
> 2 - as Artem already wrote, write iptables rules by port

# man iptables
...
   owner
       This module attempts to match various characteristics of the packet creator, for locally-generated
       packets. It is only valid in the OUTPUT chain, and even this some packets (such as ICMP ping
       responses) may have no owner, and hence never match.

       --uid-owner userid
              Matches if the packet was created by a process with the given effective user id.

       --gid-owner groupid
              Matches if the packet was created by a process with the given effective group id.

       --pid-owner processid
              Matches if the packet was created by a process with the given process id.

              (Please note: This option requires kernel support that might not be available in official Linux
              kernel sources or Debian's packaged Linux kernel sources. And if support for this option is
              available for the specific Linux kernel source version, that support might not be enabled in the
              current Linux kernel binary.)

       --sid-owner sessionid
              Matches if the packet was created by a process in the given session group.

              (Please note: This option requires kernel support that might not be available in official Linux
              kernel sources or Debian's packaged Linux kernel sources. And if support for this option is
              available for the specific Linux kernel source version, that support might not be enabled in the
              current Linux kernel binary.)

       --cmd-owner name
              Matches if the packet was created by a process with the given command name.

              (Please note: This option requires kernel support that might not be available in official Linux
              kernel sources or Debian's packaged Linux kernel sources. And if support for this option is
              available for the specific Linux kernel source version, that support might not be enabled in the
              current Linux kernel binary.)

       NOTE: pid, sid and command matching are broken on SMP
...

-- 
Покотиленко Костик <casper@meteor.dp.ua>
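
One way to apply the owner match quoted above to the original question, as an added example that is not part of this message: run each program under a dedicated account, mark its packets by uid in OUTPUT, and rewrite the source address by mark in POSTROUTING. The uid, address and mark below are constructed placeholders, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: build iptables-restore input that pins one local uid's
# outgoing traffic to a chosen source address. The uid, address (RFC 5737
# documentation range) and mark value are constructed placeholders.

# valid_ipv4 ADDR: succeed only for a dotted quad with octets 0..255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input holds only digits and dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# gen_rules UID ADDR MARK: print the ruleset fragment, or fail on bad input
# so nothing unvalidated is ever interpolated into a rule line.
gen_rules() {
    owner_uid=$1 addr=$2 mark=$3
    case "$owner_uid" in ''|*[!0-9]*) echo "bad uid" >&2; return 1 ;; esac
    case "$mark" in ''|*[!0-9]*) echo "bad mark" >&2; return 1 ;; esac
    valid_ipv4 "$addr" || { echo "bad address" >&2; return 1; }
    # owner is matched in OUTPUT only (per the man page); the mark carries
    # the decision to nat POSTROUTING, where the source address is rewritten.
    cat <<EOF
*mangle
-A OUTPUT -m owner --uid-owner $owner_uid -j MARK --set-mark $mark
COMMIT
*nat
-A POSTROUTING -m mark --mark $mark -j SNAT --to-source $addr
COMMIT
EOF
}

# Constructed sample: uid 1001 leaves via the second tariff's address.
gen_rules 1001 192.0.2.12 2
```

The output can be loaded as root with `iptables-restore --noflush`. Packets that have no owner never match and keep the default source address, so the uid rule should be treated as a routing preference, not as an enforcement boundary.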


