I guess I have to implement it myself, then... Be back when I have, with a patch!
Sincerely,
Gabriel

Andras Kis-Szabo wrote:
> Hi,
>
> > iptables -A PREROUTING -i eth0 -t mangle -m tos --tos 0 -j MARK --set-mark 1
> > ip rule add fwmark 1 table host2.out
> > ip route add default via 192.168.2.3 dev eth2 table host2.out
> >
> > All is working fine in the IPv6 case except the last statement (slightly altered
> > for IPv6):
> > #ip -6 route add default via fec0::192.168.2.3 dev eth2 table host2.out
> > RTNETLINK answers: File exists
> >
> > Is this approach incompatible with IPv6 in any way? Are there any problems with
> > using IPv6-addresses and the "table" object?
> I think this is not a Netfilter-related question, but I try to answer.
>
> The basic rtnetlink functions are supported in IPv6 too, but not all.
> Configuration options for IPv4:
> - TCP/IP networking
> - IP: multicasting
> - IP: advanced router
> - IP: policy routing
> - IP: use netfilter MARK value as routing key
> With this You set the CONFIG_IP_ROUTE_FWMARK flag in the configuration.
> This flag is interpreted in the IPv4 code, but its whole function is
> missing from the IPv6 code.
>
> The related files and structures:
> /usr/src/linux/net/ipv4/devinet.c
> static struct rtnetlink_link inet_rtnetlink_table[RTM_MAX-RTM_BASE+1]
> /usr/src/linux/net/ipv6/addrconf.c
> static struct rtnetlink_link inet6_rtnetlink_table[RTM_MAX-RTM_BASE+1]
> And several other functions and structures in the routing code.
>
> When you try to add a rule with a 'table' object, the 'ip' command -
> maybe - simply discards the 'table' tag.
>
> Regards,
>
> kisza
>
> --
> Andras Kis-Szabo Security Development, Design and Audit
> -------------------------/ Zorp, NetFilter and IPv6
> [EMAIL PROTECTED] /-----Member of the BUTE-MIS-SEARCHlab------>
