How to selectivey route messages 7112

Michael Heiming snip He says do this only once. Does he mean only once forever (I believe he does), or once each boot time. I.e., itetc-iproute2-rttables generated dynamically from somewhere else, or it it the real thing. If generated dynamically, I should do it at every boot, but if it is a "static" file, I should do it manually, not inetc-rc.d-rc.local.

I do not like to have stuff inetc-rc.d-rc.local. I try to put a suitable script intoetc-rc.d-init.d and put all the little symbolic links intoetc-rc0-6.d. I am trying to decide what to do about the ip script stuff. I cannot really put it in my firewall script, because I might run that between reboots. NAT stuff goes in my firewall. Right now, my proposed firewall script goes like this (at the end):

what is umask
Lew Pitcher Not exactly. IIRC, the GE system was a 635 runnoning GECOS-2 (later GECOS-3, still later after Honeywell...

IPT=-sbin-iptables

TRILLIANE0="123.456.789.012" not really TRILLIANE1="999.999.999.999" not really

EXTDEV0=ppp0 EXTDEV1=eth1 INTDEV0=eth0

EXTIP0="$TRILLIANE0"

########################################################################### # # # SOURCE NAT # # # ########################################################################### # # # If anything leaves our LAN going to Internet (EXTIP0, ppp0), make it # # appear it came from this firewall machine; i.e., give it our routable # # IP address. # $IPT -t nat -A POSTROUTING -o $EXTDEV0 -j SNAT --to-source $EXTIP0 # # # If anything leaves our LAN going to Internet (EXTIP1, eth1) using the # # smtp port (25), make it go out the other interface (EXTIP0, ppp0) # # instead. Anything coming in to the smtp port will already come in the # # ppp0 port, since it is the only one with a static IP address known to # # the DNS.N.B.: This code here is NOT ENOUGH! # # $IPT -t mangle -A OUTPUT -p tcp --dport smtp -j MARK --set-mark 0x02 $IPT -t mangle -A OUTPUT -p udp --dport smtp -j MARK --set-mark 0x02 # # snip # # ###########################################################################

Does sendmail actually use UDP protocol, or only TCP? If only TCP, I can delete the obvious line above. snip

-- .~. Jean-David Beyer Registered Linux User 85642. V PGP-Key: 9A2FC99A Registered Machine 241939. ^^-^^ 16:15:00 up 14 days, 2:45, 4 users, load average: 4.12, 4.16, 4.14

List | Previous | Next

what is umask

Linux groups from Newsgroups

The #1 Usenet Provider on the Internet

How to selectivey route messages 7111

PLEX86 x86- Virtual Machine (VM) Program


	Plex86 \| CVS \| Mailing List \| Download \| Linux \| Newsgroups

		How to selectivey route messages 7112 Michael Heiming snip He says do this only once. Does he mean only once forever (I believe he does), or once each boot time. I.e., itetc-iproute2-rttables generated dynamically from somewhere else, or it it the real thing. If generated dynamically, I should do it at every boot, but if it is a "static" file, I should do it manually, not inetc-rc.d-rc.local. I do not like to have stuff inetc-rc.d-rc.local. I try to put a suitable script intoetc-rc.d-init.d and put all the little symbolic links intoetc-rc0-6.d. I am trying to decide what to do about the ip script stuff. I cannot really put it in my firewall script, because I might run that between reboots. NAT stuff goes in my firewall. Right now, my proposed firewall script goes like this (at the end): what is umask Lew Pitcher Not exactly. IIRC, the GE system was a 635 runnoning GECOS-2 (later GECOS-3, still later after Honeywell... IPT=-sbin-iptables TRILLIANE0="123.456.789.012" not really TRILLIANE1="999.999.999.999" not really EXTDEV0=ppp0 EXTDEV1=eth1 INTDEV0=eth0 EXTIP0="$TRILLIANE0" ########################################################################### # # # SOURCE NAT # # # ########################################################################### # # # If anything leaves our LAN going to Internet (EXTIP0, ppp0), make it # # appear it came from this firewall machine; i.e., give it our routable # # IP address. # $IPT -t nat -A POSTROUTING -o $EXTDEV0 -j SNAT --to-source $EXTIP0 # # # If anything leaves our LAN going to Internet (EXTIP1, eth1) using the # # smtp port (25), make it go out the other interface (EXTIP0, ppp0) # # instead. Anything coming in to the smtp port will already come in the # # ppp0 port, since it is the only one with a static IP address known to # # the DNS.N.B.: This code here is NOT ENOUGH! # # $IPT -t mangle -A OUTPUT -p tcp --dport smtp -j MARK --set-mark 0x02 $IPT -t mangle -A OUTPUT -p udp --dport smtp -j MARK --set-mark 0x02 # # snip # # ########################################################################### Does sendmail actually use UDP protocol, or only TCP? If only TCP, I can delete the obvious line above. snip -- .~. Jean-David Beyer Registered Linux User 85642. V PGP-Key: 9A2FC99A Registered Machine 241939. ^^-^^ 16:15:00 up 14 days, 2:45, 4 users, load average: 4.12, 4.16, 4.14 List \| Previous \| Next



		what is umask Linux groups from Newsgroups The #1 Usenet Provider on the Internet How to selectivey route messages 7111