|
>this stuff was nasty to write and the debugging tools aren't great.
>what does tcpdump show when you try to connect, eg if from the command
line you do
># telnet www.outside.org http
#telnet www.slashdot.org 80
Trying 66.35.250.151...
telnet: connect to address 66.35.250.151: Network is unreachable
#tcpdump port 80
tcpdump: listening on eth0
[nothing]
To simplify the problem (I suspect an iproute2 problem), I dot not run the
rc.lvs_dr script on the realserver.
I just remove the default gateway and see if I still can route "http"
traffic after running the script below.
I only get ipchains debug messages before I remove the default gateway.
After removing the default gateway it is not possible to access http
servers and no debug messages are added to the messages file.
What am I missing here?
I also tried the OUTPUT chain.
-----------------------------------------------------------------
CHAIN=PREROUTING
iptables -A $CHAIN -t mangle -p tcp --dport 80 -j MARK --set-mark 1
iptables -t mangle -A $CHAIN -m mark --mark 1 -j LOG --log-level DEBUG
--log-prefix "fwmark 1:"
ip rule add fwmark 1 table TEST
ip route add default via 192.168.4.1 table TEST
--------------------------------------------------------------------
|
