iptables ip rule fwmark doesn' t work

Question

I am trying to create iptables and mark it to ip rule. Marking doesn't work.

# ip rule
0:      from all lookup local 
32762:  from all fwmark 0x2 lookup rteth4 
32763:  from all fwmark 0x1 lookup rteth4 
32764:  from all to 93.xxx.xxx.xxx lookup rteth4 
32765:  from 93.xxx.xxx.xxx lookup rteth4 
32766:  from all lookup main 
32767:  from all lookup default

# iptables -A INPUT -j MARK --set-mark 2

# iptables-save > /etc/network/iptables.up.rules

# iptables-apply

# iptables -L INPUT --line-number
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination         
1    MARK       all  --  anywhere             anywhere             MARK set 0x2

How can apply this: iptables -L INPUT --line-number to use table rteth4? And how to create iptables command that match localhost:port requests?

Thanks

score 0 · Accepted Answer · edited Sep 20 '17 at 03:03

0

IPTABLES doesn't have anything to do with routing tables, what do you mean apply iptables to use table rteth4.

To mark packets it better be in PREROUTING chain and preferably mangle table.

To mark a packet to match localhost:23, you can do this:

iptables -t mangle -I PREROUTING -d localhost -p tcp --dport 23 -j MARK --set-mark 2

edited Sep 20 '17 at 03:03

Dessa Simpson

1,232
1
15
30

answered Mar 17 '16 at 21:14

Arash

400
4
11

iptables ip rule fwmark doesn' t work

1 Answers1