[linux] Re: [marc op bhosted.nl: RE: routing]
Rob Sterenborg
rob op sterenborg.info
Do Feb 17 10:20:49 CET 2005
> het ook werken. Waar die laatste regel voor nodig is, weet ik niet. Die
> heb
> ik ook maar overgenomen van een voorbeeld (bron:
> http://lists.debian.org/debian-firewall/2002/10/msg00078.html).
In http://www.ssi.bg/~ja/nano.txt kan je wat info vinden :
ip rule add prio 202 from NWE2/NME2 table 202
ip route add default via GWE2 dev IFE2 src IPE2 proto static table 202
ip route append prohibit default table 202 metric 1 proto static
[...]
The third line of each block is similar to a REJECT target in iptables
in case the corresponding interface is not working: If the client on
the local network sends a packet on an established connection, but in
the meanwhile the interface stopped operating, we will send this
client an ICMP controll message `PKT_FILTERED', hoping to cause it to
stop sending packets, and the user might wish to open a new
connection, which will succeed if at least one other line is still
working.
Gr,
Rob
More information about the Linux
mailing list