Re: [Masq] Advance Routing Question

Mon, 26 Mar 2001 00:48:24 -0800 

/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! 
/* ALSO: Don't quote this header. It makes you look lame :-) */


Daniel Jay wrote:

> /* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! 
> /* ALSO: Don't quote this header. It makes you look lame :-) */
> 
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> I'm sorry if this is to the wrong emailing list, if it is, please
> directly me where to post this question.
> 
> 
> I'm going to start this email with saying I _think_ I've read
> everything I can get my hands on about this subject, I've tried every
> example I can find, with no luck.  The second issue is that I can not
> upgrade to netfilter/iptables because one of the applications I need
> requires "loose udp routing".  Either the examples in the mailing
> list do not apply or I must be doing something wrong.  
> 
> Here is my problem, everything "works" but _all_ traffic goes out the
> 207.152.31.185 internet connection.  Here is what I need to happen,
> when somebody connects to 216.254.12.42 port 80 that all traffic for
> that "session" be answered back as 216.254.12.42 plus go out that
> internet connection.
> 
> At this point in time I'm almost willing to do anything.  Any
> suggestions (or commands) to try would be very helpful, or a how-to.
> 
> Here is my basic setup and config:
>  [...snip...]

you need to read the ip command reference that comes with
the iproute2 package and investigate policy routing. the
firewall/nat script at http://fwup.org/ claims to perform
"alias port forwarding" which sounds like what you need. if
it doesn't suit (or doesn't work), you can replicate it's
behaviour directly with ipchains+ip by fwmarking the reply
packets that need to have a source address different to that
of the interface of the default route and use fwmark nat to
rewrite the source address (see appendix C (page 50) of the
ip command reference).

raf

_______________________________________________
Masq maillist  -  [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ -- 
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]

PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.

Reply via email to