Bug 14007
Summary: | iproute2: socket lookup after policy-based local route returns "connect: Invalid argument" | ||
---|---|---|---|
Product: | Networking | Reporter: | Markus (markus) |
Component: | IPV4 | Assignee: | Stephen Hemminger (stephen) |
Status: | CLOSED INVALID | ||
Severity: | normal | CC: | alan, bjornar.ness, markus |
Priority: | P1 | ||
Hardware: | All | ||
OS: | Linux | ||
Kernel Version: | 2.6.31 | Subsystem: | |
Regression: | No | Bisected commit-id: |
Description
Markus
2009-08-19 08:55:43 UTC
(switched to email. Please respond via emailed reply-to-all, not via the bugzilla web interface). On Wed, 19 Aug 2009 08:55:44 GMT bugzilla-daemon@bugzilla.kernel.org wrote: > http://bugzilla.kernel.org/show_bug.cgi?id=14007 > > Summary: iproute2: socket lookup after policy-based local route > returns "connect: Invalid argument" > Product: Networking > Version: 2.5 > Kernel Version: 2.6.31 > Platform: All > OS/Version: Linux > Tree: Mainline > Status: NEW > Severity: normal > Priority: P1 > Component: IPV4 > AssignedTo: shemminger@linux-foundation.org > ReportedBy: markus@selfnet.de > Regression: No > > > I want to add policy based routes to my local machine similar to the iptables > redirect command. With this it is possible to redirect connections without > losing the destination ip. > So i tried to add an route of type local to another routing table then table > local: > > sudo ip route add local 192.168.33.0/24 dev eth0 table local > ping 192.168.33.1 -c 1 > #working > > sudo ip route add local 192.168.34.0/24 dev eth0 table main > ping 192.168.34.1 -c 1 > #connect: Invalid argument > > The first one is working, the secound one not. The only difference is another > routing table. icmp is only an example, tcp and udp doesnt work neither. > > I guess somewhere in the socketlookup linux checks the destination ip with > the > local routes only in the local table. perhaps the other tables are missed. > > btw: i tried it on every linux with iproute2 i found. with no succeed > Why is this closed as invalid? Seem to me it is still valid, and a explanation why it is invalid would be great. I don't remember why it was closed, but iirc it should be done with the
iptables TPROXY extension.
Am 2014-08-12 19:37, schrieb Bjørnar Ness:
> Why is this closed as invalid? Seem to me it is still valid,
> and a explanation why it is invalid would be great.
|