On 2017-03-28 21:48, Kai Krakow wrote:
> On Tue, 28 Mar 2017 21:26:05 +0200,
> Dan Johansson <Dan.Johansson@×××.nu> wrote:
>>
>> Is it possible, using iptables or something equivalent, to redirect
>> traffic to some specific TCP ports to another gateway than the
>> default-gateway?
>>
>> Eg.
>>
>> Host 192.168.1.100/24 has a default-gateway of 192.168.1.1
>> Now I want to send all traffic from this host to destination-tcp-port
>> 80 to gateway 192.168.2.1 instead (the host has a second interface
>> with the address 192.168.2.100/24 as well).
>> I only want the traffic to port 80 to go thru this GW (and then to
>> its final destination).
>> And port 80 is just an example, it could be port 12345 as well.
>>
>> Is this possible? If yes, any suggestion on how to do it?
>
> If I understand you correctly, you want to do the redirect decision on
> the source machine 192.168.1.100, and not on the default gateway
> 192.168.1.1.

Yes, correct, that is the way I want it.

> This means you need to mark packages with iptables, and then doing the
> routing based on the mark. For this, you need to set up policy routing.
> Look here:
>
> http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.netfilter.html

That link looks promising, it is quite close to my planned setup/needs.

> That example uses port 25 instead of 80. It marks packets, and then
> creates a second routing table to use for such marked packets.

That is not a problem as I was only using port 80 as an example.

Thanks for the link, my Google searches did not find that :-(

D/\N
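
The mark-then-route approach discussed above, as an added example that is not part of the original mail: a dry-run generator that prints the commands for the thread's case (port 80 via 192.168.2.1). The interface name `eth1`, mark `1` and table `100` are assumptions. The SNAT and `rp_filter` lines go beyond the thread: locally generated packets have their source address chosen before the mark re-routes them, and strict reverse-path filtering would drop replies arriving on the second interface.

```shell
#!/bin/sh
# Added example. Values 80, 192.168.2.1 and 192.168.2.100 come from the thread;
# eth1, mark 1 and table 100 are assumed for illustration.

# Print (do not execute) the commands that send locally generated TCP traffic
# for one destination port through an alternate gateway.
# Usage: policy_route_cmds PORT GATEWAY DEV SRC_ADDR [MARK] [TABLE]
policy_route_cmds() {
    port=$1 gw=$2 dev=$3 src=$4 mark=${5:-1} table=${6:-100}

    # Accept only a plain decimal port in 1..65535.
    case $port in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "bad port: $port" >&2
        return 1
    fi

    # 1. Mark in mangle/OUTPUT: the host itself originates the traffic, so
    #    PREROUTING never sees it. Changing the mark here triggers a re-route.
    # 2. Separate table whose only route is the alternate gateway.
    # 3. Rule that sends marked packets to that table.
    # 4. Rewrite the source to the second interface's address, since it was
    #    picked from the default route before the packet was marked.
    # 5. Loose reverse-path filtering on the second interface so replies
    #    are not dropped as spoofed.
    cat <<EOF
iptables -t mangle -A OUTPUT -p tcp --dport $port -j MARK --set-mark $mark
ip route add default via $gw dev $dev table $table
ip rule add fwmark $mark table $table
iptables -t nat -A POSTROUTING -o $dev -m mark --mark $mark -j SNAT --to-source $src
sysctl -w net.ipv4.conf.$dev.rp_filter=2
EOF
}

# The thread's scenario; review the output before running it as root.
policy_route_cmds 80 192.168.2.1 eth1 192.168.2.100
```

After applying the printed commands, `ip route get 198.51.100.10 mark 1` (a documentation address) should report the route via 192.168.2.1, while the same lookup without `mark 1` still uses the default gateway.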