port 80 out new ISP

Brent Clark bclark at eccotours.dyndns.org
Fri Aug 19 19:22:56 CEST 2005


Hi Rob

A big thanks for replying to my email.

>>ip route flush table TELKOM  >>/dev/null
>>ip route show table main |grep -Ev ^default\
> 
> 
> What does this command, without the "\<newline>" and pipe, return?
> 

gate:~# ip route show table main | grep -Ev ^default
196.36.10.112/29 dev eth0  proto kernel  scope link  src 196.36.10.114
192.168.111.0/24 dev eth1  proto kernel  scope link  src 192.168.111.10
192.168.10.0/24 dev eth2  proto kernel  scope link  src 192.168.10.100
gate:~#

>>ip rule add fwmark 1 table TELKOM >> /dev/null
> 
> 
> And what do your routing rules show at this point?

gate:~# ip rule show
0:      from all lookup local
32765:  from all fwmark 0x1 lookup TELKOM
32766:  from all lookup main
32767:  from all lookup default
gate:~#

gate:~# ip route show table main
196.36.10.112/29 dev eth0  proto kernel  scope link  src 196.36.10.114
192.168.111.0/24 dev eth1  proto kernel  scope link  src 192.168.111.10
192.168.10.0/24 dev eth2  proto kernel  scope link  src 192.168.10.100
default via 196.36.10.113 dev eth0
gate:~#

gate:~# ip route show table TELKOM
196.36.10.112/29 dev eth0  proto kernel  scope link  src 196.36.10.114
192.168.111.0/24 dev eth1  proto kernel  scope link  src 192.168.111.10
192.168.10.0/24 dev eth2  proto kernel  scope link  src 192.168.10.100
default via 192.168.10.200 dev eth2
gate:~#


>># SNAT the Private LAN
>>$IPT -t nat -A POSTROUTING -o eth0 -s 192.168.111.0/24 -j SNAT
>>--to-source 196.36.10.114
>>#$IPT -t nat -A POSTROUTING -o eth2 -s 
>>192.168.111.0/24 -j SNAT --to-source 192.168.10.200
> 
> 
> Why is that one commented?

Im commented it out, hoping the MASQUERADE would work.
> 
> 
>>$IPT -t nat -A POSTROUTING -o eth2 -s 192.168.111.0/24 -j MASQUERADE
> 
> 
> MASQUERADE will not work with dual routing.

Thanks




More information about the netfilter mailing list