LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 11-18-2016, 03:30 AM   #1
adrhc
Member
 
Registered: Dec 2006
Location: Bucharest
Distribution: Ubuntu 16.04 LTS
Posts: 103

Rep: Reputation: 13
ip table 100 and 123


Hi, I use sshttp and sslh and they come with some script like this:

iptables -t mangle -N SSLH
iptables -t mangle -A OUTPUT --protocol tcp --out-interface eth0 --sport 1021 --jump SSLH
iptables -t mangle -A OUTPUT --protocol tcp --out-interface eth0 --sport 1080 --jump SSLH
iptables -t mangle -A SSLH --jump MARK --set-mark 0x1
iptables -t mangle -A SSLH --jump ACCEPT
ip rule add fwmark 0x1 lookup 100
ip route add local 0.0.0.0/0 dev lo table 100

...
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERTssl
# marks the packets with a '1'
iptables -t mangle -A DIVERTssl -j MARK --set-mark 1
iptables -t mangle -A DIVERTssl -j ACCEPT
ip rule add fwmark 1 lookup 123 || true
ip route add local 0.0.0.0/0 dev lo table 123

I came to understand that these numbers, 100 and 123, are not chosen random but they mean something. What do they mean?
 
Old 11-18-2016, 08:15 AM   #2
Disillusionist
Senior Member
 
Registered: Aug 2004
Location: England
Distribution: Ubuntu
Posts: 1,039

Rep: Reputation: 98
They are custom routing tables and are linked to the loopback interface

Man ip(8) for more info
 
Old 11-19-2016, 01:33 AM   #3
adrhc
Member
 
Registered: Dec 2006
Location: Bucharest
Distribution: Ubuntu 16.04 LTS
Posts: 103

Original Poster
Rep: Reputation: 13
Are their number important or not? e.g. could I use 101 instead of 100 and 124 instead o 123 with no runtime change whatsoever?
 
Old 11-19-2016, 09:06 AM   #4
Disillusionist
Senior Member
 
Registered: Aug 2004
Location: England
Distribution: Ubuntu
Posts: 1,039

Rep: Reputation: 98
So long as you use a number not being used by anything else and you set it up in both lines:

IP rule add ...
IP route add ...

You can use any number between 1 and 253

Do not use 254 or 255

Not sure why you want to change it though
 
Old 04-11-2017, 10:07 AM   #5
adrhc
Member
 
Registered: Dec 2006
Location: Bucharest
Distribution: Ubuntu 16.04 LTS
Posts: 103

Original Poster
Rep: Reputation: 13
I'm using sshttp which has a script something like this:
ip route add local 0.0.0.0/0 dev lo table 123.

I want to use 2 instances of sshttp (one for port 80 and 1022 another for 1443 with 1022) so I guess I have to run that script 2 times but also for different routing table. So if I'm doing right this than I need to use an additional routing table number.
 
Old 04-11-2017, 10:17 AM   #6
adrhc
Member
 
Registered: Dec 2006
Location: Bucharest
Distribution: Ubuntu 16.04 LTS
Posts: 103

Original Poster
Rep: Reputation: 13
And what exactly means:
ip route add local 0.0.0.0/0 dev lo table 123

For me means: add the default existing route (meaning default gateway) also to the routing table 123.
Is that true or I'm far away ... ?

Last edited by adrhc; 04-11-2017 at 10:40 AM.
 
Old 04-12-2017, 08:45 AM   #7
Disillusionist
Senior Member
 
Registered: Aug 2004
Location: England
Distribution: Ubuntu
Posts: 1,039

Rep: Reputation: 98
It creates a custom routing table (123) that will match anything (0.0.0.0/0) using the loopback interface

The route is used by iptables for rules linked to the specific custom routing table

This will not stop your normal default route "default gateway" from working where there is not a more specific match in your normal routing table
 
  


Reply

Tags
route, table


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] MySQL run SELECT on a table if column A form table 1 equals column A from table 2 robertjinx Linux - Software 1 01-15-2016 10:48 AM
How to redirect a m.domain.com/abc to a ip address 123.123.123.123/abc? elok Linux - Server 5 05-27-2010 09:05 PM
what does 80.23.134.123 8:0 mean? Murdock1979 Linux - Server 1 04-20-2009 03:51 AM
123 file input is not taking for i in $(cat ./123) procfs Programming 3 07-20-2006 04:10 AM
I only need the disc 123 not all 15 right? coolbreeze7000 Debian 5 01-23-2005 08:50 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 04:50 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration