1. Post #1
    Gold Member
    Naelstrom
    June 2010
    2,757 Posts
    I have a Linux server running in my basement; it has two device connections: eth0 and ppp0. I want to route all traffic with the port 51414 through ppp0.

    I have confirmed the ppp0 device works and this is my process of attempting to route all internet traffic with port 51414 through it:

    Code:
    [root@Charles naelstrof]# ip addr
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
        inet6 ::1/128 scope host 
           valid_lft forever preferred_lft forever
    2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
        link/ether f4:6d:04:4e:ac:92 brd ff:ff:ff:ff:ff:ff
        inet 10.0.1.20/24 brd 10.0.1.255 scope global eth0
        inet6 fe80::f66d:4ff:fe4e:ac92/64 scope link 
           valid_lft forever preferred_lft forever
    3: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1296 qdisc pfifo_fast state UNKNOWN qlen 3
        link/ppp 
        inet 10.42.124.11 peer 10.42.124.1/32 scope global ppp0
    [root@Charles naelstrof]# echo 200 secure >> /etc/iproute2/rt_tables
    [root@Charles naelstrof]# ip rule add fwmark 1 table secure
    [root@Charles naelstrof]# ip rule ls
    0:      from all lookup local 
    32765:  from all fwmark 0x1 lookup secure 
    32766:  from all lookup main 
    32767:  from all lookup default
    [root@Charles naelstrof]# ip route add default via 10.42.124.1 dev ppp0 src 10.42.124.11 table secure
    [root@Charles naelstrof]# iptables -t mangle -I PREROUTING -p udp --dport 51414 -j MARK --set-mark 1
    [root@Charles naelstrof]# ip route flush cache
    [root@Charles naelstrof]# iptables -t mangle -L
    Chain PREROUTING (policy ACCEPT)
    target     prot opt source               destination         
    MARK       udp  --  anywhere             anywhere             udp dpt:51414 MARK set 0x1
    
    
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination         
    
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination         
    
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination         
    
    
    Chain POSTROUTING (policy ACCEPT)
    target     prot opt source               destination
    [root@Charles naelstrof]# tcpdump -i ppp0
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on ppp0, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
    ^C
    0 packets captured
    0 packets received by filter
    0 packets dropped by kernel
    [root@Charles naelstrof]# tcpdump -i eth0 "port 51414"
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
    17:19:31.571357 IP 218-251-60-238f1.osk2.eonet.ne.jp.21045 > 10.0.1.20.51414: UDP, length 101
    17:19:31.571468 IP 10.0.1.20.51414 > 218-251-60-238f1.osk2.eonet.ne.jp.21045: UDP, length 547
    17:19:31.573352 IP 74-134-0-165.dhcp.insightbb.com.6881 > 10.0.1.20.51414: UDP, length 103
    17:19:31.573431 IP 10.0.1.20.51414 > 74-134-0-165.dhcp.insightbb.com.6881: UDP, length 268
    17:19:31.579712 IP 252.61.72.124.board.xm.fj.dynamic.163data.com.cn.solid-mux > 10.0.1.20.51414: UDP, length 136
    17:19:31.579791 IP 10.0.1.20.51414 > 252.61.72.124.board.xm.fj.dynamic.163data.com.cn.solid-mux: UDP, length 53
    ^C17:19:31.590686 IP 94.99.35.213.24429 > 10.0.1.20.51414: UDP, length 101
    
    
    7 packets captured
    36 packets received by filter
    0 packets dropped by kernel
    As you can see, I routed everything according to this and this, but it is not working at all!

    Can someone more experienced point out anything dumb I'm doing?

  2. Post #2
    Gold Member
    Naelstrom
    June 2010
    2,757 Posts
    Solved it following this tutorial:
    http://tech.kanka.ch/?p=153
    (no, I'm not French)
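
An added example, not taken from the thread or from the linked tutorial: the session in post #1 marks packets in mangle PREROUTING by destination port, but the tcpdump output shows the server's own packets leaving with 51414 as their source port, and locally generated packets traverse mangle OUTPUT rather than PREROUTING. The sketch below reuses the addresses, table name and mark from post #1; the `run` dry-run wrapper and the function name are hypothetical, and the SNAT and rp_filter steps are the usual companions of this setup, assumed here rather than stated on the page.

```shell
#!/bin/sh
# Policy-route locally generated UDP traffic from port 51414 out of ppp0.
# DRY_RUN=1 (default) only prints the commands; run as root with DRY_RUN=0 to apply.
# Assumes "200 secure" is already in /etc/iproute2/rt_tables, as in post #1.

PORT=51414
DEV=ppp0
GW=10.42.124.1
SRC=10.42.124.11
TABLE=secure
MARK=1
DRY_RUN=${DRY_RUN:-1}

# Hypothetical helper: echo the command in dry-run mode, execute it otherwise.
run() {
    if [ "$DRY_RUN" = 1 ]; then
        echo "$*"
    else
        "$@"
    fi
}

setup_port_route() {
    # Marked packets consult table "secure", whose only route is via ppp0.
    run ip rule add fwmark "$MARK" table "$TABLE"
    run ip route add default via "$GW" dev "$DEV" table "$TABLE"

    # Local processes send through mangle OUTPUT, and their packets carry
    # the port as *source* port. Setting the mark here triggers a re-route.
    run iptables -t mangle -A OUTPUT -p udp --sport "$PORT" -j MARK --set-mark "$MARK"

    # The source address (eth0's 10.0.1.20) was chosen before the re-route,
    # so rewrite it to the ppp0 address for flows leaving that interface.
    run iptables -t nat -A POSTROUTING -o "$DEV" -p udp --sport "$PORT" -j SNAT --to-source "$SRC"

    # Replies arrive on ppp0 while the main table points at eth0; strict
    # reverse-path filtering would drop them, so use loose mode (2).
    run sysctl -w "net.ipv4.conf.$DEV.rp_filter=2"
}

setup_port_route
# Check afterwards with: tcpdump -ni ppp0 udp port 51414
```

Flows that a peer opened through eth0 already have a conntrack entry and never reach the nat rule, so only flows first seen leaving via ppp0 get the rewritten source address.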