Re: CONFIG_IP_ROUTE_FWMARK not working in Debian !

To: supermega <tomek@heh.pl>
Cc: debian-user@lists.debian.org
Subject: Re: CONFIG_IP_ROUTE_FWMARK not working in Debian !
From: Nelson Castillo <nelsoneci@gmail.com>
Date: Sun, 9 Oct 2005 19:12:44 -0500
Message-id: <[🔎] 2accc2ff0510091712s293a3026ufe38cc8a5a59d0eb@mail.gmail.com>
Reply-to: Nelson Castillo <nelsoneci@gmail.com>
In-reply-to: <[🔎] 1128901020.149164.115810@o13g2000cwo.googlegroups.com>
References: <[🔎] 1128901020.149164.115810@o13g2000cwo.googlegroups.com>

> # iptables -t mangle -A PREROUTING -s <LAN_IP> -j MARK --set-mark 5

I guess you should use the conntrack module. I'm not sure,
but I think you're marking only the first packet of the
connection.

I have something like this to mark them (different scenario... a load balancer
with 2 uplink providers):

iptables -t mangle -A PREROUTING -m conntrack --ctorigdst $IP1 \
   -p tcp -m tcp --dport 110 -j MARK --set-mark 1

> and I route them via ISP2
> # ip rule add fwmark 5 table isp2
> Does anyone have CONFIG_IP_ROUTE_FWMARK working in debian?

I do.

"ip rule add fwmark 1  table T1" works for me. Default sarge kernel.


--
Homepage : http://geocities.com/arhuaco

The first principle is that you must not fool yourself
and you are the easiest person to fool.
     -- Richard Feynman.

Reply to:

Follow-Ups:
- Re: CONFIG_IP_ROUTE_FWMARK not working in Debian !
  - From: "supermega" <tomek@heh.pl>
- Re: CONFIG_IP_ROUTE_FWMARK not working in Debian !
  - From: Mariusz Kruk <kruk@rdc.pl>

References:
- CONFIG_IP_ROUTE_FWMARK not working in Debian !
  - From: "supermega" <tomek@heh.pl>

Prev by Date: CONFIG_IP_ROUTE_FWMARK not working in Debian !
Next by Date: Re: Should users have to manually modprobe to use standard peripherals?
Previous by thread: CONFIG_IP_ROUTE_FWMARK not working in Debian !
Next by thread: Re: CONFIG_IP_ROUTE_FWMARK not working in Debian !
Index(es):
- Date
- Thread