<div dir="ltr"><br><br><div class="gmail_quote">On Mon, Aug 20, 2012 at 10:52 AM, shimi <span dir="ltr"><<a href="mailto:linux-il@shimi.net" target="_blank">linux-il@shimi.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="HOEnZb"><div class="h5"><p><br>
On Aug 20, 2012 9:34 AM, "Erez D" <<a href="mailto:erez0001@gmail.com" target="_blank">erez0001@gmail.com</a>> wrote:<br>
><br>
> hello<br>
><br>
><br>
> i have a server with two eth ports, each connects to a different router, and then to the internet.<br>
> i want all normal trafic to the internet to go via router 1 (eth0), so i added a default route to it<br>
> i want connections TCP coming from all over the internet to the second router(eth1), to be accepted.<br>
><br>
> the problem is that altough connections are coming from eth1, due to the default route, they are answered from eth0, which means a tcp connection can not be established.<br>
> i know that linux has a conntrack module, can i use it to tell the kernel to answer on the same eth it got SYN from ?</p>
</div></div><p>Are the two ports on the same netblock?</p></blockquote><div>what do you mean by that ? <br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><p> If so, can they be separated to two non overlapping blocks? <br>
</p></blockquote><div>didn't get that<br><br><br>i have many clients from many differnet ips connecting to my server. the server has two eth interfaces, with many ports open. <br>there is no relation between eth and port, the same port can receive connections from either interface.<br>
i just want to route the relayed packets of the same connection to the eth the syn packet came from.<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><p> If so, I believe that would solve your problem...</p>
<p>Otherwise, two listeners and an 'ip rule from <2nd ip> lookup <alt. routing table>'[*], would probably do the trick...</p>
<p>[*] syntax by heart, consult man page to be sure</p>
<p>--<br>
Shimi from Samsung Galaxy S II<br>
</p>
</blockquote></div><br></div>