Hi guys. I would like to set up a linux router for my network that would allow me to access a "control panel" through a web interface, then choose either gateway A or gateway B. And because I would have to log into the web page to make the choice, the linux box would already have a record of my username and relate that to a specific mac address. it would then route traffic from the user through the chosen wan port on the linux router.

I don't want to do it via ip address.

This must be possible? I have a symantec firewall that has two wan ports, and I can log into it and filter certain computers through wan 1 and others through wan 2, but it requires a restart each time and is not something I want users logging into as one can change other settings also. The symantec works quite well and with mac address and not ip address so even if a user changes their ip they still get routed correctly.

I just want a simple web site that allows a user to choose their gateway in real time, nothing fancy. If there is someone who could help me with this and is not too expensive I will gladly pay for your time or your advice, but it must work in the end...

Thanks

Basil

you're saying things like "all i want" and "simple"... but this is really odd, i'd put money on an entire solution like this not existing already. it's possible to dynamically add and remove routes of course, but tying that back to an interface is a big leap. why would you even want to do this? is there a bigger problem you could actually solve by some more conventional / logical methods? is this not something that good old lartc.org chapter 4 would solve?

Well, actually i never said "all I want", as a moderator I'm supprised that you focused so keenly on my choice of words and not the actual topic. I'm sure something does exist and I thought the point of this forum was to find a new solution or get help obtaining an existing one? To get comments on ones grammer is just an added bonus I guess? I am capable of logging into a system and making the required changes, but I want users on a network to be able to make that choice, either use cheap slow internet through wan1 or more expensive faster internet through wan2. I didn't mention these details previously as I feel there is more than enough info in my original post for readers to get what I am after, or should I say I want!

i'm not criticising grammar, i'm saying that i think you're underestimating how specific your request actually is. again i'd go back to actually defining your requirements concisely, not ask for a particular solution as you percieve it.

I think I was having a bad day, I had a look at the chapter you mentioned, not a very good look as I'm a bit busy at the moment but it looks like it might give me some guidance. I realise that linking the realtime routing system to a web site is a complicated task. I'm sure what I need can be done through iptables, and in that sense I know that there are many very experienced linux people out there and thats why I said it is probably a easy task for someone. I would like help from someone who has both web design skills and routing backround. I'm trying to develope a linux system that I have only seen in a hardware device, namely the symantec, but without all the other features the symantec offers, like firewall, load balancing, etc, it must simply route traffic through a specific nic. I could probably learn iptables and ssh into the box and configure the system each time I want to route a user through a different gateway, and I figured as linux is so scriptable I could run scripts from a web site to make that configuration for me. I don't have the time to develope these skills and thats why I just threw this question out there so I could possibly pay someone to do the setup.

well yes what you want's possible, and would be similar to the latrc stuff, it would just be based on different inputs. deep down you would have multiple routing tables and just use iptables to mark traffic which is then picked up by the matching route table. your issue is how you create the iptables rules based on a web form being submitted.