Per application routing
In a nutshell:
I have two interfaces connected to two different networks. Both networks are connected to the internet. Now I want to force the traffic of a single program through one of the two interfaces and route any other traffic through the other one. I'm pretty sure this is possible, however I failed to find any way of doing this.

To clarify: if1 is connected to lan1, if2 is connected to lan2. Both lan1 and lan2 are connected to gateways that are connected to the internet. appA is supposed to access the internet through lan1. Thus its traffic is supposed to be sent out through if1 and routed through lan1's gateway. app* (where * == \w && * != A) is supposed to access the internet through lan2. Traffic is sent out through if2.

I thought of something similar to proxychains, which allows you to send an application's traffic through a specific proxy. Is there anything similar out there? Or is there some other possible way? Thanks in advance!

You need to tell us more about these apps.. there are dozens of ways to distinguish one app from another, primarily port numbers....

Also, if you have not already read this yet, I suggest you do so to get a basic dual-uplink network setup.

Thanks to both of you!
@acid_kewpie: Yes, I'm sure there are many ways. However, ports are unfortunately not an option for me.

I took osor's advice and created a user to run appA. Thereupon I spent a few hours finding out that ROUTE is not a standard target, patching the kernel, compiling it, booting it, patching iptables and getting it to recompile under Gentoo. So far everything went quite smoothly. I agree with you that the second option would be more classy - however it would be kind of overkill for my purposes. That's why I stuck with the ROUTE target.

I tried to find out about the syntax... And I thought I managed to understand everything (I'm quite new to iptables. Or let's say - quite new to anything that is not done with -j DROP). So this is what my rule looks like:

    iptables -A PREROUTING -t mangle -m owner --uid-owner 1001 -j ROUTE --gw 192.168.0.1

I decided to use the gateway to specify the route. Of course the interface should work as well. However iptables returns:

    iptables: Invalid argument

This is where the fun starts. I tried about everything and it won't change. Therefore I've come to the point where I expect some really stupid mistake in there. Could one of the kind guys out there please guide me towards my mistake? Thanks!
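
An added example, not part of the thread: per-UID routing with the stock MARK target and policy routing instead of the patched ROUTE target. The iptables-extensions man page documents the owner match as valid only in the OUTPUT and POSTROUTING chains, so the mark is set in mangle OUTPUT. UID 1001 and gateway 192.168.0.1 are from the post, if1 is the poster's placeholder interface name, and mark 1, table 100 and the function name are assumptions.

```shell
#!/bin/sh
# Added example: print (dry run) the commands that send one UID's traffic out
# a second uplink using fwmark + policy routing. Nothing is applied here.
# uid, gateway and if1 come from the post; mark and table are arbitrary.

per_uid_route_plan() {
    uid=$1 gw=$2 dev=$3 mark=${4:-1} table=${5:-100}

    # Validate every field so the plan is safe to pipe into a root shell.
    for n in "$uid" "$mark" "$table"; do
        case $n in ''|*[!0-9]*) echo "not a number: $n" >&2; return 1;; esac
    done
    # Mark 0 means "unmarked", so it cannot select a routing table.
    [ "$mark" -ne 0 ] || { echo "mark must be non-zero" >&2; return 1; }
    case $gw in ''|*[!0-9.]*) echo "bad gateway: $gw" >&2; return 1;; esac
    case $dev in ''|*[!A-Za-z0-9_.-]*) echo "bad ifname: $dev" >&2; return 1;; esac

    cat <<EOF
iptables -t mangle -A OUTPUT -m owner --uid-owner $uid -j MARK --set-mark $mark
ip rule add fwmark $mark table $table
ip route add default via $gw dev ${dev} table $table
iptables -t nat -A POSTROUTING -o ${dev} -m mark --mark $mark -j MASQUERADE
sysctl -w net.ipv4.conf.${dev}.rp_filter=2
EOF
}

# Values from the post; review the output before running it as root.
per_uid_route_plan 1001 192.168.0.1 if1
```

The MASQUERADE rule is there because the source address is chosen before the mark triggers rerouting, and loose reverse-path filtering keeps replies arriving on if1 from being dropped.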