GENIUSES: IPTABLES to do this....


Results 1 to 2 of 2

Thread: GENIUSES: IPTABLES to do this....

  1. #1
    Join Date
    Dec 2013
    Posts
    1

    Question GENIUSES: IPTABLES to do this....

    I own a Linksys WRT54G router with DDWRT firmware. I'm trying to compose a routing policy so that traffic from my local devices connected to the router are either piped through the normal internet traffic or piped through the active PPTP connection.

    I am trying to redirect all outgoing www PORT 80 requests through to the PPTP and all other outgoing port requests (eg. 443, 21, etc) through to the normal internet.

    From what i can see i need to make use of one or more of the following:

    IP ROUTE
    IP RULE
    IPTABLES


    My first attempt i tried using the following:

    iptables -t nat -A PREROUTING -p tcp --dport ! 80 -j DNAT -—to-destination 192.168.2.1

    where 192.168.2.1 is the IP to the gateway of my router as opposed to the PPTP gateway of 10.x.x.x.

    The resulting logs showed this:

    Note: vlan1 = internet gateway, ppp0 = PPTP gateway
    Making a request from local pc 192.168.1.101 to https : www.google.ca

    ACCEPT IN=br0 OUT=vlan1 SRC=192.168.1.101 DST=192.168.2.1 PROTO=TCP SPT=53342 DPT=443
    The problem here appears to be the DST part. The IPTABLES command seems to be modifying the original destination making the outgoing request from my PC useless. I want to retain the proper DST address (eg. 74.125.30.94) but perhaps modify the OUT network interface (from the original ppp0 before the IPTABLES modified it above) to vlan1.

    Is there such a command in IPTABLES such as "to-gateway" or "to-interface" that way it modifies the interface to use without modifying the actual request src or destination?

    Thanks.

  2. #2
    Join Date
    Nov 1999
    Location
    Rancho Cordova, CA
    Posts
    13
    I would advise you to try amending your routing table. I use this to connect to other networks/vlans.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •