Hi
Success!
Well, not in the first place. I executed the three commands Marius
suggested, and they certainly did have an effect! The forwarded packets
that were supposed to go to my 'inner' server were also routed back to
the AMPR GW, which of course did not know anything about my local
addresses (192.168...).
However, after adding this line:
ip route add 192.168.19.0/24 dev enp0s6 table 44
everything fell into place and I'm now a happy man.
Thanks again for all the help.
Best 73 de Bent/OZ6BL
On 04/03/2019 03.29, Marius Petrescu wrote:
Sorry, but mails got rearranged by the mailer....
ip rule add fwmark 1 table 44
iptables -t mangle -A PREROUTING -i tunl0 ! -s 44.0.0.0/8 -j CONNMARK --set-mark 1
iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark
On 04.03.2019 04:25, Marius Petrescu wrote:
Bent, try something like this:
# this tells the system to use table 44 for packets marked with 1
ip rule add fwmark 1 table 44
# this tells the system to apply a connection mark of 1 to incoming
# connections on tunl0 that are NOT in the 44/8 address space
iptables -t mangle -A PREROUTING -i tunl0 ! -s 44.0.0.0/8 -j CONNMARK --set-mark 1
# this tells to copy the connection mark (if any) to the packet mark
# so it will follow the rule above
iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark
Marius, YO2LOJ
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
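
Added example, not part of the original thread and not the posters' code: a small Python model of the fwmark rule and the two CONNMARK rules above, showing why forwarded packets went back into the tunnel until 192.168.19.0/24 was added to table 44. Assumptions: table 44 initially holds only a default route via tunl0, the main table has a default via a hypothetical wan0, the inner server is reached by DNAT to a constructed address 192.168.19.10, and the remote host 198.51.100.7 is a constructed sample.

```python
import ipaddress

NET44 = ipaddress.ip_network("44.0.0.0/8")

def mangle_prerouting(pkt, ctmarks):
    """The two mangle/PREROUTING rules from the thread; returns the packet's fwmark."""
    if pkt["in_if"] == "tunl0" and ipaddress.ip_address(pkt["src"]) not in NET44:
        ctmarks[pkt["conn"]] = 1              # -j CONNMARK --set-mark 1
    return ctmarks.get(pkt["conn"], 0)        # -j CONNMARK --restore-mark

def lookup(table, dst):
    """Longest-prefix match; returns the output device or None."""
    hits = [(net, dev) for net, dev in table if ipaddress.ip_address(dst) in net]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def route(pkt, ctmarks, tables):
    """ip rule add fwmark 1 table 44, falling through to main when table 44 has no match."""
    dev = lookup(tables["44"], pkt["dst"]) if mangle_prerouting(pkt, ctmarks) == 1 else None
    return dev or lookup(tables["main"], pkt["dst"])

def net(prefix, dev):
    return (ipaddress.ip_network(prefix), dev)

# Assumed tables: main has the LAN route and a default via a hypothetical wan0;
# table 44 has only a default route into the tunnel.
MAIN = [net("192.168.19.0/24", "enp0s6"), net("0.0.0.0/0", "wan0")]
TABLE44_BEFORE = [net("0.0.0.0/0", "tunl0")]
TABLE44_AFTER = TABLE44_BEFORE + [net("192.168.19.0/24", "enp0s6")]  # Bent's added route

def trace(table44):
    """Route one constructed inbound connection and its reply; returns (forward_dev, reply_dev)."""
    tables, ctmarks = {"main": MAIN, "44": table44}, {}
    # Constructed packets; dst of the inbound packet is shown after the assumed DNAT.
    inbound = {"conn": "c1", "in_if": "tunl0", "src": "198.51.100.7", "dst": "192.168.19.10"}
    reply = {"conn": "c1", "in_if": "enp0s6", "src": "192.168.19.10", "dst": "198.51.100.7"}
    return route(inbound, ctmarks, tables), route(reply, ctmarks, tables)

if __name__ == "__main__":
    print("before:", trace(TABLE44_BEFORE))
    print("after: ", trace(TABLE44_AFTER))
```

In the model, the marked inbound packet is looked up in table 44 like every other packet of that connection, so without a LAN route there it matches only the tunnel default; the reply still needs that default to leave via tunl0.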