[LARTC] routing ssh to secondary uplink

devnull at plugthebox.net devnull at plugthebox.net
Thu Jul 6 08:49:19 CEST 2006


Hello,
I'm following this HOWTO
http://linux-ip.net/html/adv-multi-internet.html to route outgoing SSH
from a secondary ISP. I can see using tcpdump, jnettop, iftop that when
one of the computers located in my internal network is trying to SSH to
a box online using SSH, packets are routed via the secondary internet
ethernet card. However, packets don't seem to know how to get back.
        
my script:
route add default gw 10.2.2.1
ip route add table 1 default via SECONDARYGW
iptables -t mangle -A PREROUTING -p tcp --dport 22 -s 192.168.1.0/24 -j MARK --set-mark 1
iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to MYSECONDARYIP
iptables -t nat -A POSTROUTING -o $EXT_NIC -s 192.168.1.0/24 -j SNAT --to MYPRIMARYIP
ip rule add fwmark 1 table 1
ip route flush cache
        
Sincerely,
-- 
devnull at plugthebox.net <devnull at plugthebox.net>


