iptables + iproute2 + fwmark doesn't work


https://bbs.archlinux.org – I realize this is an old thread. But seeing as there's little information about this to be found, I thought I should update this unresolved thread with my findings. Apparently the source address of a package is set before the fwmark routing table is looked up. Packages sent out on a non-default interface (based on fwmark) will thus have the source address of the default interface. [Ref] I solved this with SNAT, and the following line makes all locally generated packages going out the non-default interface, in my case eth0, have the source address of eth0.

sudo iptables -t nat -A POSTROUTING -o

(HowTos)