Re: fwmask for local outbound packets

Truxton Fulton
Fri, 17 Dec 1999 17:34:23 -0800 (PST)


It is impossible with Linux 2.2. Alexey Kuznetsov suggested that
I look into netfilter for Linux 2.3. I have done so, and unfortunately,
it remains impossible to policy route locally generated packets based
on port number.

If you have two machines, you can do it (although very inelegantly).
But the fundamental problem is that the routing decision is made _before_
the netfilter code gets a chance to look at the port number.

Alexey's iproute2 package is very well done, and it works great for
implementing policy routing based on source or destination address, but
if you want to route based on port number, there's no good solution
right now.


On Fri, 17 Dec 1999, Mike Reid wrote:

> Did you ever figure out how to route outbound http traffic to
> a particular interface? I need to do the same thing.

> Thanks,
> --
> Mike Reid

