Service/port based routing

Imri Zvik imriz at inter.net.il
Mon Jun 29 16:51:12 IDT 2009


On Sunday 28 June 2009 13:10:53 shimi wrote:
> Packet marking & additional routing table. Quick "HOWTO" here:
> http://archive.cert.uni-stuttgart.de/suse-security/2005/01/msg00008.html
>
> HTH,
>
> -- Shimi
> ____________________


You should be able to do that with a simple iptables rule (without using
different routing tables). man iptables and look for the ROUTE target.

   ROUTE
       This is used to explicitly override the core network stack's routing
       decision.  mangle table.

       --oif ifname
              Route the packet through `ifname' network interface

       --iif ifname
              Change the packet's incoming interface to `ifname'

       --gw IP_address
              Route the packet via this gateway

       --continue
              Behave like a non-terminating target and continue traversing the
              rules.  Not valid in combination with `--iif' or `--tee'

       --tee  Make a copy of the packet, and route that copy to the given
              destination. For the original, uncopied packet, behave like a
              non-terminating target and continue traversing the rules.  Not
              valid in combination with `--iif' or `--continue'
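
The two approaches from this thread side by side, as an added example that is not part of the original message: the quoted reply's packet mark plus extra routing table, and the single ROUTE rule suggested above. The port, interface, gateway, mark and table number are constructed placeholders, the chain choices are assumptions, and approach 2 assumes an iptables build that includes the ROUTE target; commands are only printed unless APPLY=1.

```shell
# Added example. Every value here is a constructed placeholder.
PORT=25           # service port to steer
ALT_IF=eth1       # second uplink interface
ALT_GW=192.0.2.1  # gateway on that uplink (documentation address)
MARK=0x19         # firewall mark used by approach 1
TABLE=100         # extra routing table used by approach 1

# Print a command; execute it only when APPLY=1 (requires root).
run() {
    echo "$*"
    if [ "${APPLY:-0}" = "1" ]; then "$@"; fi
}

# Approach 1 (quoted reply): mark in mangle, route marked packets via a second table.
# PREROUTING covers forwarded traffic; locally generated traffic needs the
# same MARK rule in the mangle OUTPUT chain.
mark_and_table() {
    run iptables -t mangle -A PREROUTING -p tcp --dport "$PORT" -j MARK --set-mark "$MARK"
    run ip route add default via "$ALT_GW" dev "$ALT_IF" table "$TABLE"
    run ip rule add fwmark "$MARK" table "$TABLE"
}

# Reject ROUTE option sets the man page text calls invalid:
# --continue and --tee exclude each other, and neither combines with --iif.
route_opts_ok() {
    iif=0; cont=0; tee=0
    for o in "$@"; do
        case "$o" in
            --iif) iif=1 ;;
            --continue) cont=1 ;;
            --tee) tee=1 ;;
        esac
    done
    [ $((cont + tee)) -le 1 ] && [ $((iif * (cont + tee))) -eq 0 ]
}

# Approach 2 (this message): one mangle rule, no mark and no extra table.
route_target() {
    route_opts_ok "$@" || { echo "invalid ROUTE options: $*" >&2; return 1; }
    run iptables -t mangle -A POSTROUTING -p tcp --dport "$PORT" -j ROUTE "$@"
}

# Dry run by default: prints the commands for both approaches.
mark_and_table
route_target --gw "$ALT_GW"
```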


