On Mon, 2007-04-09 at 14:11 -0400, Lennart Sorensen wrote:
> On Mon, Apr 09, 2007 at 07:05:31PM +0100, W Agtail wrote:
> > Nice one, but unfortunately still doesn't work.
> > I'm now not seeing any marked messages in /var/log/messages and traffic
> > still going via gw2 for port 8088.
>
> What does 'iptables -v -t mangle -L' show at the moment? Have you been
> flushing it between attemps to make sure you don't have conflicting
> rules?
>
> --
> Len Sorensen
Yup, I've been flushing iptables each time. This is what we have atm:
iptables -n -v -t mangle -L
Chain PREROUTING (policy ACCEPT 12656 packets, 2518K bytes)
pkts bytes target prot opt in out source
destination
0 0 LOG tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp spt:8088 LOG flags 0 level 4 prefix `fwmark 1: '
0 0 LOG tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp spt:8089 LOG flags 0 level 4 prefix `fwmark 2: '
0 0 MARK tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp spt:8088 MARK set 0x1
0 0 MARK tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp spt:8089 MARK set 0x2
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 MARK match 0x1 LOG flags 0 level 4 prefix `marked 1:
'
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 MARK match 0x2 LOG flags 0 level 4 prefix `marked 2:
'
Chain INPUT (policy ACCEPT 10664 packets, 2438K bytes)
pkts bytes target prot opt in out source
destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
Chain OUTPUT (policy ACCEPT 6311 packets, 896K bytes)
pkts bytes target prot opt in out source
destination
Chain POSTROUTING (policy ACCEPT 6311 packets, 896K bytes)
pkts bytes target prot opt in out source
destination
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
