9th May 2008, 17:26
topdog

For purposes of illustrating how this would work, I will assume the following; you need to substitute for your network:

eth0 192.168.1.1 -> gw 192.168.1.2
eth0 192.168.2.1 -> gw 192.168.2.2

Okay, now in your main routing table your default gw will be 192.168.1.2.

Okay, now create the second routing table:

Code:
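# link route for eth1's subnet in table 4 (src is eth1's own address)
ip ro add 192.168.2.0/24 dev eth1 proto kernel scope link src 192.168.2.1 table 4
# default route for table 4 via the second gateway
ip ro add default via 192.168.2.2 table 4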
Then let's put a rule to make ssh traffic go via table 2
Code:
ip ru add fwmark 2 lookup 4
Then we need to mark the ssh packets
Code:
iptables -t mangle -I OUTPUT -p tcp --dport 22 -j MARK --set-mark 2
iptables -t mangle -I OUTPUT -p tcp --sport 22 -j MARK --set-mark 2
Then we flush the routing cache
Code:
ip ro fl ca
__________________
----
http://www.topdog.za.net - Got Linux problems ? - I can help.
http://www.baruwa.org - Try it.
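
An added example, not part of topdog's post: a shell check that the three pieces configured above (the `ip rule`, routing table 4 and the mangle marks) agree with each other. It works offline on pasted command output; the sample output is constructed, and the name `check_policy_route` and its `cpr_` variables are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post): checks that the ip rule, the
# routing table and the mangle rules of an fwmark setup agree with each other.
#   $1 = output of `ip rule show`
#   $2 = output of `ip route show table <table>`
#   $3 = output of `iptables -t mangle -S OUTPUT`
#   $4 = table id, $5 = mark in decimal, $6 = TCP port
# Prints one line per problem; returns 0 only if nothing is missing.
check_policy_route() {
    cpr_hex=$(printf '0x%x' "$5")   # ip and iptables print marks in hex
    cpr_rc=0
    # A rule must hand packets carrying the mark to the table.
    printf '%s\n' "$1" |
        grep -Eq "fwmark $cpr_hex(/0x[0-9a-f]+)? lookup $4( |\$)" ||
        { echo "no rule maps fwmark $cpr_hex to table $4"; cpr_rc=1; }
    # The table needs its own default route, or the lookup falls through
    # to the main table and its default gateway.
    printf '%s\n' "$2" | grep -Eq '^default via [0-9.]+' ||
        { echo "table $4 has no default route"; cpr_rc=1; }
    # The post marks both --dport and --sport, so both must be present.
    for cpr_dir in dport sport; do
        printf '%s\n' "$3" |
            grep -Eq -- "--$cpr_dir $6 -j MARK --set-x?mark $cpr_hex(/| |\$)" ||
            { echo "port $6 ($cpr_dir) is not marked $cpr_hex"; cpr_rc=1; }
    done
    return "$cpr_rc"
}

# Constructed sample output for the values used in the post (table 4, mark 2).
SAMPLE_RULES='0: from all lookup local
32765: from all fwmark 0x2 lookup 4
32766: from all lookup main
32767: from all lookup default'
SAMPLE_ROUTES='default via 192.168.2.2 dev eth1
192.168.2.0/24 dev eth1 proto kernel scope link src 192.168.2.1'
SAMPLE_MANGLE='-P OUTPUT ACCEPT
-A OUTPUT -p tcp -m tcp --sport 22 -j MARK --set-xmark 0x2/0xffffffff
-A OUTPUT -p tcp -m tcp --dport 22 -j MARK --set-xmark 0x2/0xffffffff'

check_policy_route "$SAMPLE_RULES" "$SAMPLE_ROUTES" "$SAMPLE_MANGLE" 4 2 22 &&
    echo "policy routing for port 22 is consistent"
```

On a live host, pass the real output of the three commands named in the header comment instead of the constructed samples.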