Machine B

iptables -A PREROUTING -t mangle -j MARK -p tcp --dport 443 --set-mark 0x1
ip rule add prio 100 fwmark 1 table 100
ip route add local 0/0 dev lo table 100

Issuing these commands on machine A, packets move as I expect them to. However, on machine B, using tcpdump I see packets come in on port 443, but I never see machine B respond or send an ICMP error.
I never tried anything like this before, and don't really understand what you're doing, but taking a guess:
aren't you directing the incoming port 443 packets to the loopback device routing table?
so then they're never going to do anything useful, unless your application is specifically listening on 127.0.0.1?
--
Damion de Soto - Software Engineer   email: [EMAIL PROTECTED]
SnapGear ---                         ph: +61 7 3435 2809
 | Custom Embedded Solutions         fax: +61 7 3891 3630
 | and Security Appliances           web: http://www.snapgear.com

_______________________________________________
LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
