From: Jelle Foks (jelle_at_frontierd-us.com)
Date: Thu 15 Nov 2001 - 00:23:19 GMT
Ciaran Deignan wrote:
>>Can't you do what you want by simply using two default routes? Then the
>>reply packets should be sent out whichever interface they came in on
>>(routed by virtue of their source IP address).
>while you can define two routes to any destination, the networking
>stack only ever takes the first one it finds.
>I've never found any feature to route according to the source IP
>address, and I've looked. I did read the advanced-routing how-to,
>but the answer isn't there.
>I don't think iptables/netfilter is the place to do this, since
>they "just" do filtering. The packet still gets handed to the
>normal routing infrastructure. I've never identified the
>person/group leading the basic IP implementation...
I thought iptables allowed you to define multiple routing tables. Then
you could use the firewalling rules to mark packets depending on the
source IP address, and then use iptables to process packets with the
correct routing table according to mark number.
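
The mark-then-route idea from this message, sketched as an added example (not code from the thread): iptables sets a mark by source address, and an `ip rule fwmark` rule from iproute2 selects a per-uplink routing table. The addresses, interface names, mark values, table numbers and the helper names `run`, `uplink_rules` and `policy_routing` are all assumptions made for illustration.

```shell
#!/bin/sh
# Added example: a host with two uplinks, where reply packets should leave
# through the uplink that owns their source address.
# All addresses (RFC 5737 documentation ranges), interface names, marks and
# table numbers are constructed for illustration.
# Commands are only printed by default; set APPLY=1 and run as root to apply.

run() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else echo "$*"; fi
}

# uplink_rules MARK TABLE SRC_IP GATEWAY DEV  (hypothetical helper)
uplink_rules() {
    mark=$1 table=$2 src=$3 gw=$4 dev=$5
    # 1. Mark locally generated packets by source address. A mark change in
    #    mangle/OUTPUT makes the kernel redo the routing decision.
    run iptables -t mangle -A OUTPUT -s "$src" -j MARK --set-mark "$mark"
    # 2. Give the uplink its own routing table holding only its default route.
    run ip route add default via "$gw" dev "$dev" table "$table"
    # 3. Send marked packets to that table instead of the main one.
    run ip rule add fwmark "$mark" table "$table"
}

policy_routing() {
    uplink_rules 1 101 192.0.2.10    192.0.2.1    eth0
    uplink_rules 2 102 198.51.100.10 198.51.100.1 eth1
}

policy_routing
```

After applying, `ip rule show` and `ip route show table 101` list what was installed.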