Hi.
I want to use my vpn for outgoing port 80 connections in my Debian router.
My current route table:
# ip route
default dev ppp0 scope link
95.9.x.x dev ppp0 proto kernel scope link src 95.9.x.x
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.1
192.168.2.0/24 dev wlan0 proto kernel scope link src 192.168.2.1
192.168.4.0/24 dev tap0 proto kernel scope link src 192.168.4.2
tap0 is my virtual vpn device created by openvpn. When I use something like
that all my traffic going through by vpn, so vpn working fine:
# ip route
default via 192.168.4.1 dev tap0
95.9.x.x dev ppp0 proto kernel scope link src 95.9.x.x
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.1
192.168.2.0/24 dev wlan0 proto kernel scope link src 192.168.2.1
192.168.4.0/24 dev tap0 proto kernel scope link src 192.168.4.2
199.180.x.x dev ppp0 scope link
199.180.x.x and 192.168.4.1 are IP addresses of my vpn server.
Now, I want to use an alternate route for only port 80 outgoing
traffic. I create a table and set default gateway for this table with:
# echo 10 alter >> /etc/iproute2/rt_tables
# ip route add default via 192.168.4.1 table alter
And I create a fwmark and mark OUTPUT requests with:
# ip rule add fwmark 0x10 table alter
# iptables -t mangle -A OUTPUT -p tcp --dport 80 -j MARK \
--set-mark 0x10
In my theory this should work, but it's not working. When I use that I am
not able to connect any website. What I am missing here? What should I add
to my alternate routing table to make it work?
Btw I tried to send this to debian-firewall but I got quota exceed error.
Thanks.
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20120708174637.gb2...@ev.onur.im
