Jose Luis Domingo Lopez wrote:
+-------------+                      +-------------+
|   actaea    |                 eth0 |    ilex     |
| 192.168.1.4 |------ localnet ------| 192.168.1.1 |
+-------------+   192.168.1.0/24     +-------------+
                                  eth1 /      | ppp0
                           80.72.34.162  83.31.149.159
                                   /          |
                             wlnet           tpsa
                    80.72.34.160/24           |
                            /                 |
                  +--------------+      +------------+
                  | 80.72.34.161 |      | 213.25.2.3 |
                  +--------------+      +------------+
                          \                   /
                           \-----------,     /
+--------------+                       ""     \
|    salix     |           /  Internet  "
| 212.87.7.182 |--------'-,          ,-"
+--------------+           "--------"
ilex:~# ip rule show
0: from all lookup local
32764: from 213.25.2.3 lookup tpsa
32765: from 80.72.34.161 lookup wlnet
32766: from all lookup main
32767: from all lookup default
"ip rules" 32764 and 32765 will only apply to traffic with source IP
addresses as shown, but not to traffic coming through any of the
associated routers (except these routers also do SNAT to traffic coming
from the Internet). So packets from salix (212.87.7.182) will be routed
looking first at table local (the one that should apply to traffic
ending at ilex itself), and then looking at "table main".
And... this was the problem!
I misread the following lines from the HOWTO:
ip rule add from $IP1 table T1
ip rule add from $IP2 table T2
as:
ip rule add from $P1 table T1
ip rule add from $P2 table T2
resulting in invalid rule entries.
Now, with the following rule table everything works correctly:
ilex:~# ip rule show
0: from all lookup local
32764: from 83.31.149.159 lookup tpsa
32765: from 80.72.34.162 lookup wlnet
32766: from all lookup main
32767: from all lookup default
Many thanks for pointing me in the right direction!
Rafal
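
Added example (not part of the original message or of the HOWTO): a shell check for the mistake described above, where the "from" rules were keyed on the provider gateway addresses ($P1, $P2) instead of the host's own interface addresses ($IP1, $IP2). The function name check_rules and the list of ilex's addresses (read off the diagram) are assumptions; the two rule listings are the ones quoted in the message.

```shell
#!/bin/sh
# check_rules RULES LOCAL_ADDRS
#   RULES       - text in `ip rule show` format
#   LOCAL_ADDRS - whitespace-separated IPv4 addresses assigned to this host
# Prints "priority address table" for every host-address "from" rule whose
# source is not a local address, and returns 1 if any were found.
# Rules with a prefix (from 10.0.0.0/8 ...) are network selectors and are skipped.
check_rules() {
    printf '%s\n' "$1" | LOCALS="$2" awk '
        BEGIN {
            n = split(ENVIRON["LOCALS"], a, /[ \t\n]+/)
            for (i = 1; i <= n; i++) if (a[i] != "") is_local[a[i]] = 1
        }
        # Rule lines look like: "32764: from 213.25.2.3 lookup tpsa"
        $2 == "from" && $3 != "all" && $3 !~ /\// {
            table = ""
            for (i = 4; i < NF; i++) if ($i == "lookup") table = $(i + 1)
            if (!($3 in is_local)) {
                prio = $1; sub(/:$/, "", prio)
                print prio, $3, table
                bad = 1
            }
        }
        END { exit (bad ? 1 : 0) }'
}

# Sample data: the two rule listings from the message.
BROKEN_RULES='0: from all lookup local
32764: from 213.25.2.3 lookup tpsa
32765: from 80.72.34.161 lookup wlnet
32766: from all lookup main
32767: from all lookup default'

FIXED_RULES='0: from all lookup local
32764: from 83.31.149.159 lookup tpsa
32765: from 80.72.34.162 lookup wlnet
32766: from all lookup main
32767: from all lookup default'

# Assumption: addresses configured on ilex itself, taken from the diagram.
ILEX_ADDRS='192.168.1.1 80.72.34.162 83.31.149.159'

# On a live host the inputs would come from:
#   RULES=$(ip rule show)
#   LOCAL_ADDRS=$(ip -4 -o addr show | awk '{ sub(/\/.*/, "", $4); print $4 }')
check_rules "$BROKEN_RULES" "$ILEX_ADDRS" || echo "rules above match a non-local source"
check_rules "$FIXED_RULES" "$ILEX_ADDRS" && echo "corrected rule table: all sources are local"
```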