[lug] forcing certain services to use eth1 instead of eth0
Zan Lynx
zlynx at acm.org
Tue Jan 3 14:09:40 MST 2006
On Tue, 2006-01-03 at 13:14 -0700, Michael Belanger wrote:
> Greetings.
> I have two Ethernet Interfaces, eth0, eth1.
> Specifically, I want to keep backups and nfs running on one interface and
> mail(smtp/imap) running on another.
>
> We have an Astaro Security Gateway running as our firewall.
>
> The machine in question has two interfaces on the same local network. The
> firewall SNAT's the outgoing requests to appear as our public mailserver
> address. This only half works at the moment because the rules are dealing
> with the eth1 address not the eth0.
>
> man of 'route' doesn't seem to have info on how to do this with ports, and
> google searches come up with few solutions.
>
> Any suggestions?
iptables -t mangle -j MARK
ip rule add fwmark 1 table 1
ip route add default table 1 via 1.2.3.4 dev eth1
Google the Linux Advanced Routing HOWTO.
There's also an iptables ROUTE module that lets you force routing
decisions there, if you're using a new enough kernel and iptables
combination.
--
Zan Lynx <zlynx at acm.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20060103/823e9891/attachment.pgp>
More information about the LUG
mailing list