[LARTC] Re: Routing/NAT question
Jose Luis Domingo Lopez
lartc@24x7linux.com
Fri, 13 Sep 2002 22:14:36 +0200
On Friday, 13 September 2002, at 13:33:46 -0500,
Greg Scott wrote:
> Note that there is nothing special about the number 13, and the table number doesn't have anything to do with the value of the fwmark. I picked 13 and used that number in both places only because today is Friday, Sept. 13.
>
You must be _very_ careful when dealing with "iptables" and "ip" for
marking packets and routing them based on those marks. The numeric
argument to:

    iptables -t mangle -A PREROUTING --jump MARK --set-mark 13

is a decimal number, BUT the argument to "ip" is a hexadecimal number,
so to insert a matching "ip rule" you should do:

    ip rule add fwmark D pref 10000 table whatever

NOT

    ip rule add fwmark 13 pref 10000 table whatever

Hope it helps.
--
Jose Luis Domingo Lopez
Linux Registered User #189436 Debian Linux Woody (Linux 2.4.19-pre6aa1)
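
Added example, not part of the original message: a small consistency check that reads firewall-script lines and flags any iptables mark that no "ip rule" would match. It assumes, as the message states, that "ip" reads the fwmark argument as hexadecimal; the sample lines are constructed and the function names (extract, iptables_marks, rule_marks, check_marks) are hypothetical.

```shell
#!/bin/sh
# Constructed sample lines, as they might appear in a firewall script.
BAD='iptables -t mangle -A PREROUTING --jump MARK --set-mark 13
ip rule add fwmark 13 pref 10000 table whatever'
GOOD='iptables -t mangle -A PREROUTING --jump MARK --set-mark 13
ip rule add fwmark D pref 10000 table whatever'

# Print the token that follows keyword $2 on each line of text $1.
extract() {
    printf '%s\n' "$1" | sed -n "s/.*$2 \([0-9A-Fa-fxX]\{1,\}\).*/\1/p"
}

# iptables side: --set-mark is decimal unless written with a 0x prefix.
iptables_marks() {
    extract "$1" '--set-mark' | while read -r v; do echo $(($v)); done
}

# ip side: assumption taken from the message, fwmark is always read as hex.
rule_marks() {
    extract "$1" 'fwmark' | while read -r v; do
        v=${v#0x}; v=${v#0X}
        echo $((0x$v))
    done
}

# Report every mark set by iptables that no "ip rule" would match.
check_marks() {
    status=0
    rules=" $(rule_marks "$1" | tr '\n' ' ')"
    for m in $(iptables_marks "$1"); do
        case "$rules" in
            *" $m "*) echo "mark $m: matching ip rule found" ;;
            *) printf 'mark %d: no matching ip rule, expected "fwmark %X"\n' "$m" "$m"
               status=1 ;;
        esac
    done
    return $status
}

check_marks "$BAD" || true
check_marks "$GOOD"
```

A mark that no rule matches means the packets fall through to the default routing tables instead of the intended one, so the check is worth running before a rule set is loaded.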