[lug] forcing certain services to use eth1 instead of eth0
Michael Belanger
mrb at ciclops.org
Tue Jan 3 16:09:23 MST 2006
On Tuesday 03 January 2006 14:09, Zan Lynx wrote:
>
> iptables -t mangle -j MARK
> ip rule add fwmark 1 table 1
> ip route add default table 1 via 1.2.3.4 dev eth1
>
> Google the Linux Advanced Routing HOWTO.
>
> There's also an iptables ROUTE module that lets you force routing
> decisions there, if you're using a new enough kernel and iptables
> combination.
I read something similar to your example, but my eyes glazed over.. Not sure I
understand or even like the word 'MANGLE' when we are talking about email. :)
From what I am reading, this *should* work.. Am I wrong?
# Pass all SMTP traffic through eth1
-A INPUT -o eth1 -m tcp -p tcp --dport 25 -j ACCEPT
-A OUTPUT -o eth1 -m tcp -p tcp --sport 25 -j ACCEPT
# Pass all IMAP traffic through eth1
-A INPUT -o eth1 -p tcp -m tcp --dport 143 --syn -j ACCEPT
-A INPUT -o eth1 -p tcp -m tcp --dport 993 --syn -j ACCEPT
-A OUTPUT -o eth1 -p tcp -m tcp --sport 143 --syn -j ACCEPT
-A OUTPUT -o eth1 -p tcp -m tcp --sport 993 --syn -j ACCEPT
--
Michael Belanger
CICLOPS, Space Science Institute
phone. 720-974-5853 Jabber: mrb at jabber.ciclops.org
fax. 720-974-5860
DISCLAIMER:
The Sender and Cassini Imaging Central Laboratory for Operations
accepts no liability for the content of this email, or for the
consequences of any actions taken on the basis of the information
provided, unless that information is subsequently confirmed in
writing. If you are not the intended recipient you are notified
that disclosing, copying, distributing or taking any action in
reliance on the contents of this information is strictly prohibited.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20060103/d5664e9c/attachment.pgp>
More information about the LUG
mailing list