On 2017-03-28 21:48, Kai Krakow wrote:
On Tue, 28 Mar 2017 21:26:05 +0200,
Dan Johansson <dan.johans...@dmj.nu> wrote:

Is it possible, using iptables or something equivalent, to redirect
traffic to some specific TCP ports to another gateway than the
default-gateway?

E.g.

Host 192.168.1.100/24 has a default-gateway of 192.168.1.1
Now I want to send all traffic from this host to destination-tcp-port
80 to gateway 192.168.2.1 instead (the host has a second interface
with the address 192.168.2.100/24 as well).
I only want the traffic to port 80 to go thru this GW (and then to
its final destination).
And port 80 is just an example, it could be port 12345 as well.

Is this possible? If yes, any suggestion on how to do it?

If I understand you correctly, you want to do the redirect decision on
the source machine 192.168.1.100, and not on the default gateway
192.168.1.1.

Yes, correct, that is the way I want it.

This means you need to mark packages with iptables, and then do the
routing based on the mark. For this, you need to set up policy routing.
Look here:

http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.netfilter.html

That link looks promising, it is quite close to my planned setup/needs.

That example uses port 25 instead of 80. It marks packets, and then
creates a second routing table to use for such marked packets.

That is not a problem as I was only using port 80 as an example.

Thanks for the link, my Google searches did not find that :-(

D/\N
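
Added example, not part of the original messages or of the linked HOWTO: a dry-run generator for the mark-then-route setup discussed in this thread, adapted to traffic generated on the host itself (mangle OUTPUT rather than the HOWTO's PREROUTING). The interface name eth1, mark value 1 and table number 100 are assumptions; the SNAT and rp_filter lines cover the case where the socket already picked 192.168.1.100 as source before the packet was rerouted.

```shell
#!/bin/sh
# Added example: print the commands for port-based policy routing of locally
# generated traffic. Nothing is executed here; review the output, then pipe
# it to "sh" as root to apply.
# Assumed (not from the thread): interface eth1, mark 1, routing table 100.

policy_route_cmds() {
    port=$1 gw=$2 src=$3 dev=${4:-eth1} mark=${5:-1} table=${6:-100}

    # Reject anything that is not a TCP port number in 1..65535.
    case $port in
        ''|*[!0-9]*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 1
    fi

    cat <<EOF
# 1. Mark locally generated TCP packets to the chosen port. Marking in
#    mangle/OUTPUT makes the kernel repeat the routing lookup.
iptables -t mangle -A OUTPUT -p tcp --dport $port -j MARK --set-mark $mark
# 2. Second routing table whose only route is the alternate gateway.
ip route add default via $gw dev $dev table $table
# 3. Policy rule: marked packets consult that table.
ip rule add fwmark $mark table $table
# 4. The source address was chosen before rerouting; rewrite it so replies
#    come back through the alternate gateway.
iptables -t nat -A POSTROUTING -o $dev -m mark --mark $mark -j SNAT --to-source $src
# 5. Loose reverse-path filtering so the replies are not dropped on $dev.
sysctl -w net.ipv4.conf.$dev.rp_filter=2
EOF
}

# Values from the question: port 80 via gateway 192.168.2.1, host address
# 192.168.2.100 on the second interface.
policy_route_cmds 80 192.168.2.1 192.168.2.100
```
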
