Help routing internet traffic from specific port to specified device.
I have a Linux server running in my basement; it has two device connections: eth0 and ppp0. I want to route all traffic with the port 51414 through ppp0.
I have confirmed the ppp0 device works and this is my process of attempting to route all internet traffic with port 51414 through it:
[code][B][root@Charles naelstrof]# ip addr
[/B]1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether f4:6d:04:4e:ac:92 brd ff:ff:ff:ff:ff:ff
inet 10.0.1.20/24 brd 10.0.1.255 scope global eth0
inet6 fe80::f66d:4ff:fe4e:ac92/64 scope link
valid_lft forever preferred_lft forever
3: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1296 qdisc pfifo_fast state UNKNOWN qlen 3
link/ppp
inet 10.42.124.11 peer 10.42.124.1/32 scope global ppp0
[B][root@Charles naelstrof]#[/B] [B]echo 200 secure >> /etc/iproute2/rt_tables[/B]
[B][root@Charles naelstrof]# [/B][B]ip rule add fwmark 1 table secure[/B]
[B][root@Charles naelstrof]# ip rule ls
[/B]0: from all lookup local
32765: from all fwmark 0x1 lookup secure
32766: from all lookup main
32767: from all lookup default
[B][root@Charles naelstrof]# ip route add default via 10.42.124.1 dev ppp0 src 10.42.124.11 table secure[/B]
[B][root@Charles naelstrof]# iptables -t mangle -I PREROUTING -p udp --dport 51414 -j MARK --set-mark 1[/B]
[B][root@Charles naelstrof]# ip route flush cache
[/B][B][root@Charles naelstrof]# iptables -t mangle -L[/B]
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
MARK udp -- anywhere anywhere udp dpt:51414 MARK set 0x1
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
[B][root@Charles naelstrof]# tcpdump -i ppp0[/B]
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ppp0, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
^C
0 packets captured
0 packets received by filter
0 packets dropped by kernel
[B][root@Charles naelstrof]# tcpdump -i eth0 "port 51414"[/B]
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
17:19:31.571357 IP 218-251-60-238f1.osk2.eonet.ne.jp.21045 > 10.0.1.20.51414: UDP, length 101
17:19:31.571468 IP 10.0.1.20.51414 > 218-251-60-238f1.osk2.eonet.ne.jp.21045: UDP, length 547
17:19:31.573352 IP 74-134-0-165.dhcp.insightbb.com.6881 > 10.0.1.20.51414: UDP, length 103
17:19:31.573431 IP 10.0.1.20.51414 > 74-134-0-165.dhcp.insightbb.com.6881: UDP, length 268
17:19:31.579712 IP 252.61.72.124.board.xm.fj.dynamic.163data.com.cn.solid-mux > 10.0.1.20.51414: UDP, length 136
17:19:31.579791 IP 10.0.1.20.51414 > 252.61.72.124.board.xm.fj.dynamic.163data.com.cn.solid-mux: UDP, length 53
^C17:19:31.590686 IP 94.99.35.213.24429 > 10.0.1.20.51414: UDP, length 101
7 packets captured
36 packets received by filter
0 packets dropped by kernel[/code]
As you can see I routed everything according to [URL="http://lartc.org/howto/lartc.rpdb.html"]this[/URL] and [URL="http://tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.netfilter.html"]this[/URL], but it is not working at all!
Can someone more experienced point out anything dumb I'm doing?
Solved it following this tutorial:
[url]http://tech.kanka.ch/?p=153[/url]
(No, I'm not French.)
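
A check related to the setup in this thread, as an added example that is not part of the original posts: on Linux, packets generated by a local process pass through the mangle OUTPUT chain rather than PREROUTING, so a mark set only in PREROUTING is never applied to the server's own traffic from port 51414. The script audits saved `iptables -t mangle -L` and `ip rule ls` listings for that condition; the function names and status strings are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): audit saved `iptables -t mangle -L` and
# `ip rule ls` listings for a fwmark that local traffic can never receive.

# Lines copied from the session above (column headers and empty chains trimmed).
POSTED_MANGLE='Chain PREROUTING (policy ACCEPT)
MARK udp -- anywhere anywhere udp dpt:51414 MARK set 0x1
Chain OUTPUT (policy ACCEPT)'
POSTED_RULES='0: from all lookup local
32765: from all fwmark 0x1 lookup secure
32766: from all lookup main
32767: from all lookup default'
# Constructed listing: the same mark is also set in OUTPUT, on the source port.
CONSTRUCTED_MANGLE='Chain PREROUTING (policy ACCEPT)
MARK udp -- anywhere anywhere udp dpt:51414 MARK set 0x1
Chain OUTPUT (policy ACCEPT)
MARK udp -- anywhere anywhere udp spt:51414 MARK set 0x1'

# Print the chains (space separated) that set mark $2 in mangle listing $1.
mark_chains() {
    printf '%s\n' "$1" | awk -v mark="$2" '
        $1 == "Chain" { chain = $2; next }
        $1 == "MARK" && $(NF - 1) == "set" && $NF == mark { out = out " " chain }
        END { print substr(out, 2) }'
}

# Print the routing table that `ip rule` listing $1 selects for fwmark $2.
fwmark_table() {
    printf '%s\n' "$1" | awk -v mark="$2" '
        { for (i = 1; i < NF; i++)
              if ($i == "fwmark" && $(i + 1) == mark) { print $NF; exit } }'
}

# Classify a setup: ok | local-unmarked | no-mark | no-rule
# "ok" only means a rule in OUTPUT sets the mark; it does not test connectivity.
audit_marking() {   # $1 = mangle listing, $2 = ip rule listing, $3 = mark
    [ -n "$(fwmark_table "$2" "$3")" ] || { echo no-rule; return; }
    case " $(mark_chains "$1" "$3") " in
        "  ")         echo no-mark ;;
        *" OUTPUT "*) echo ok ;;
        *)            echo local-unmarked ;;
    esac
}

echo "posted session:    $(audit_marking "$POSTED_MANGLE" "$POSTED_RULES" 0x1)"
echo "with OUTPUT rule:  $(audit_marking "$CONSTRUCTED_MANGLE" "$POSTED_RULES" 0x1)"
```

A `local-unmarked` result means traffic from local processes follows the main table and leaves on the default interface, which matters when the marked table is meant to keep that traffic on a tunnel.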