netfilter policy routing questions

Jeff Davies jeff_davies at
Thu Aug 11 09:45:40 MDT 2005


According to some articles on netfilter I have been reading, this should work
for basic policy routing.

iptables -A PREROUTING -i eth1 -t mangle -p tcp -d -j MARK --set-mark 1

# echo 204 google.out >> /etc/iproute2/rt_tables
# ip rule add fwmark 1 table google.out
# ip rule ls
0:      from all lookup local 
32764:  from all fwmark        1 lookup google.out 
32766:  from all lookup main 
32767:  from all lookup default 

# /sbin/ip route add default via dev eth3 table google.out

What I want to do is route all outgoing traffic (people going to google's IP via http(s)) using eth3.
I tcpdump eth1, eth2, eth3 and my net interfaces eth2, eth3 have google traffic on them. This doesn't seem
to be using my routing rules. Am I missing something?


