EFW Support
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Wednesday 20 November 2024, 04:29:10 am
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
The Latest Endian Firewall is now available for download
HERE
14258
Posts in
4377
Topics by
6515
Members
Latest Member:
hulteends
Search:
Advanced search
EFW Support
Support
General Support
Policy Routing - Incorrect source route rule?
0 Members and 1 Guest are viewing this topic.
« previous
next »
Pages:
[
1
]
Author
Topic: Policy Routing - Incorrect source route rule? (Read 9734 times)
DFen
Full Member
Offline
Posts: 46
Policy Routing - Incorrect source route rule?
«
on:
Monday 19 July 2010, 08:22:10 pm »
I have tried creating a policy route along the following lines:
Network->routing->policy routing
Source network/ip (Green):
192.168.1.201/32
192.168.1.202/32
Destination network/ip (Red):
...20
...30
Service: ANY
Protocol: IP
Route Via: uplink1
This appears to create enties in the mangle table: iptables -t mangle -L POLICYROUTING -nv
0 0 CONNMARK tcp -- * * 192.168.1.201 ...20 CONNMARK set 0x7c8/0x7f8
0 0 RETURN tcp -- * * 192.168.1.201 ...20 CONNMARK match !0x0/0x7f8
0 0 CONNMARK tcp -- * * 192.168.1.202 ...20 CONNMARK set 0x7c8/0x7f8
0 0 RETURN tcp -- * * 192.168.1.202 ...20 CONNMARK match !0x0/0x7f8
0 0 CONNMARK tcp -- * * 192.168.1.201 ...30 CONNMARK set 0x7c8/0x7f8
0 0 RETURN tcp -- * * 192.168.1.201 ...30 CONNMARK match !0x0/0x7f8
0 0 CONNMARK tcp -- * * 192.168.1.202 ...30 CONNMARK set 0x7c8/0x7f8
0 0 RETURN tcp -- * * 192.168.1.202 ...30 CONNMARK match !0x0/0x7f8
However in the source route rules table: ip ru sho
10: from 192.168.1.201 lookup main
This appears to cause the later rule:
199: from all fwmark 0x7c8/0x7f8 lookup uplink-uplink1
NOT to be reached for the first Source IP in the policy route, and traffic is routed via the default route in main.
This does not appear to be the correct action.
I need the traffic to be routed to an alternate gateway.
Logged
Pages:
[
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Announcements
-----------------------------
=> Project News
=> Latest News and Updates
-----------------------------
Support
-----------------------------
=> General Support
=> Installation Support
=> EFW SMTP, HTTP, SIP, FTP Proxy Support
=> VPN Support
=> Hardware Support
-----------------------------
Development
-----------------------------
=> EFW Wishlist
=> Contribute Your Customisations & Modifications
Page created in 0.047 seconds with 18 queries.
Powered by SMF 1.1 RC2
|
SMF © 2001-2005, Lewis Media
Design by
7dana.com