Routing applications to certain network cards

Discussion in 'Technical' started by sjau, Jul 24, 2007.

  1. sjau

    sjau Local Meanie Moderator


    I think I have a difficult question:

    I have two network cards (1 wifi & 1 ethernet). At home I can connect with the wifi card to my uni-network or I can use my normal internet access by ethernet/wifi.

    Now, the uni-network is limited but very quick. The normal inet access is not limited but, compared to the uni-network, slow.

    How could I now make certain programs use only one of the network cards exclusively? E.g. browser, email, ... only use the wifi card connected to the uni network
    And stuff like irc (is blocked at university) only use my normal ethernet card with my normal inet access?

    Currently I'm using Ubuntu Feisty.
  2. falko

    falko Super Moderator ISPConfig Developer

    Hm, good question. Maybe this can be done with iptables?
  3. sjau

    sjau Local Meanie Moderator

    Well, I think it can be done with iptables since the applications use specific ports, but I haven't ever played around with iptables.

    Another thing I stumbled across is "socks" but I'm not sure if I get the concept of what that is.
  4. geekman

    geekman New Member

    I think you might be able to do something like this?

    Make website traffic go through eth1
    iptables --insert OUTPUT 1 --dport 80 --jump ACCEPT --out-interface 'eth1'

    Make Bit Torrent go through eth0

    iptables --insert OUTPUT 1 --dport 6881 --jump ACCEPT --out-interface 'eth0'

    Though this is totally untested and iptables may not even like that syntax of using dport...not sure. I just based it off some routing I already do with IPTables where I say: if traffic is coming from here and going to there, use this interface.
    If traffic is coming from somewhere else and going here, then use this interface instead.

    Just a note, you'd want basically the same rules but for the source port also, so both incoming and outgoing traffic goes through the right interface. A further edit: you'd need to use --in-interface instead for these rules...just a guess, and there might be a more efficient way of doing it too, i.e. only needing one rule per port.

    Last edited: Aug 7, 2007
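
An added example, not part of any post in this thread: one common way to send traffic for a given destination port out of a chosen interface is policy routing, where iptables marks the packets and each mark gets its own routing table. The function names, interface names, gateway addresses, marks and table numbers are constructed assumptions; the script only prints the commands so they can be reviewed first.

```shell
#!/bin/sh
# Added example: plan policy-routing rules per destination port (dry run).

# Emit the four commands that steer locally generated TCP traffic for one
# destination port out of one interface.
# usage: route_port_via PORT IFACE GATEWAY MARK TABLE
route_port_via() {
    port=$1 iface=$2 gw=$3 mark=$4 table=$5
    # 1. Mark matching packets in mangle/OUTPUT; a changed mark makes the
    #    kernel redo the routing lookup for locally generated packets.
    echo "iptables -t mangle -A OUTPUT -p tcp --dport $port -j MARK --set-mark $mark"
    # 2. Marked packets consult a dedicated routing table ...
    echo "ip rule add fwmark $mark table $table"
    # 3. ... whose only entry is a default route via the wanted interface.
    echo "ip route add default via $gw dev $iface table $table"
    # 4. The source address was chosen before rerouting, so rewrite it to
    #    the address of the interface the packet now leaves from.
    echo "iptables -t nat -A POSTROUTING -o $iface -m mark --mark $mark -j MASQUERADE"
}

is_num() { case $1 in ''|*[!0-9]*) return 1 ;; esac; }

# Reject anything that is not a plain port, interface name, IPv4 address
# or number, since the output is meant to be piped into a root shell.
valid_args() {
    is_num "$1" && [ "$1" -ge 1 ] && [ "$1" -le 65535 ] || return 1
    case $2 in ''|*[!A-Za-z0-9._-]*) return 1 ;; esac
    case $3 in ''|*[!0-9.]*) return 1 ;; esac
    is_num "$4" && is_num "$5"
}

plan() {
    valid_args "$@" || { echo "rejected arguments: $*" >&2; return 1; }
    route_port_via "$@"
}

# Constructed sample: web traffic via eth1, port 6881 via eth0.
plan 80   eth1 192.0.2.1    1 101
plan 6881 eth0 198.51.100.1 2 102
```

Replies come back on an interface that is not the main default route, so strict reverse-path filtering (`rp_filter=1`) can drop them; loose mode (`rp_filter=2`) on that interface avoids this.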
