Lennart Sorensen wrote: > On Mon, Apr 09, 2007 at 04:56:20PM +0100, W Agtail wrote: > >>Hi there, and thanks v. much for getting back to me on this one. >>I now have changed iptables on the web servers to the following: >> >>iptables -t mangle -A POSTROUTING -p tcp --sport 8088 -o eth0 -j MARK >>--set-mark 1 >>iptables -t mangle -A POSTROUTING -p tcp --sport 8089 -o eth0 -j MARK >>--set-mark 2 >> >>But I'm still seeing traffic being returned via gw2 for port 8088 :( >>Any ideas? Thanks. > > > Hmm, I know I have done something like this before (I made all port 80 > traffic return through another host rather than the default gateway, but > it was about 3 years ago and I don't remember the exact syntax).
As the name suggests, POSTROUTING comes after routing, so marking packets there doesn't affect routing. Use PREROUTING for forwarded traffic and OUTPUT for locally generated traffic. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
