Hi
I have the following setup.
server A eth1: 192.168.254.5/24
server A eth2: 192.168.253.1/24
Routing tables in A
0.0.0.0 196.44.37.X 0.0.0.0 UG 100 0 0 eth0
10.0.0.0 192.168.254.1 255.255.240.0 UG 0 0 0 eth1
192.168.253.0 0.0.0.0 255.255.255.252 U 0 0 0 eth2
192.168.254.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
196.44.37.Y 0.0.0.0 255.255.255.248 U 0 0 0 eth0
ip rule add fwmark 0x1 table net1
ip rule add fwmark 0x2 table net2
ip route add 10.0.0.0/20 via 192.168.254.1 table net1
ip route add 10.0.0.0/20 via 192.168.254.3 table net2
IPtables in Server A:
*mangle
-A PREROUTING -p tcp -m tcp --dst 10.0.4.2 -j MARK --set-mark 0x02
COMMIT
*nat
-A POSTROUTING -d 10.0.0.0/20 -j SNAT --to-source 192.168.254.5
COMMIT
Server B eth2: 192.168.253.2/24
10.0.0.0 192.168.253.1 255.255.240.0 UG 0 0 0 eth2
192.168.253.0 0.0.0.0 255.255.255.252 U 0 0 0 eth2
When I ping from Server B 10.0.4.2 I need the route "10.0.0.0
192.168.254.1 255.255.240.0 UG 0 0 0 eth1" on server A or
the returning packet does not get back to me, although the routing to
10.0.4.2 goes via the net2 table.
Kind Regards
Jan van der Vyver
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
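
An added example, not part of the original post: a small Python model of the route lookup on server A, built only from the rules and routes quoted in the message. It shows that the posted MARK rule matches TCP only, so an ICMP ping to 10.0.4.2 carries no mark and is resolved from the main table. Assumption: rule processing is simplified to "fwmark table first, then main".

```python
import ipaddress

# Constructed model of server A as posted. Routes are (prefix, gateway);
# a gateway of None means directly connected. 196.44.37.X is the elided
# default gateway from the post, kept as an opaque label.
MANGLE_PREROUTING = [("tcp", "10.0.4.2", 0x2)]   # (protocol, dst, mark)
FWMARK_RULES = {0x1: "net1", 0x2: "net2"}        # ip rule add fwmark ... table ...
TABLES = {
    "net1": [("10.0.0.0/20", "192.168.254.1")],
    "net2": [("10.0.0.0/20", "192.168.254.3")],
    "main": [
        ("0.0.0.0/0", "196.44.37.X"),
        ("10.0.0.0/20", "192.168.254.1"),
        ("192.168.253.0/30", None),
        ("192.168.254.0/24", None),
    ],
}

def mark_for(proto, dst):
    """Return the fwmark set in mangle PREROUTING, or 0 if no rule matches."""
    for rule_proto, rule_dst, mark in MANGLE_PREROUTING:
        if proto == rule_proto and dst == rule_dst:
            return mark
    return 0

def lookup(table, dst, tables):
    """Longest-prefix match of dst inside one routing table."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, via in tables[table]:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, via)
    return best

def route(proto, dst, tables=TABLES):
    """Return (mark, table used, next hop) for a packet forwarded by A."""
    mark = mark_for(proto, dst)
    order = ([FWMARK_RULES[mark]] if mark in FWMARK_RULES else []) + ["main"]
    for table in order:
        hit = lookup(table, dst, tables)
        if hit:
            return mark, table, hit[1] or "direct"
    return mark, None, None

def without_main_route(prefix):
    """Copy of TABLES with one prefix removed from the main table."""
    trimmed = dict(TABLES)
    trimmed["main"] = [r for r in TABLES["main"] if r[0] != prefix]
    return trimmed
```

On the real host, `ip route get 10.0.4.2 mark 0x2` and `ip route get 10.0.4.2` show the same two lookups.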