
I'm a very recent newbie in Linux. I've already read so many articles but can't find the issue in my configuration and I need some help.

I have a Debian PC with two interfaces:

  • ens192 - 10.20.30.0/26 default gateway
  • ens256 - 10.10.10.8/29

I have two internet providers with routers 10.20.30.40 (default) and 10.10.10.10.

I want to send only TCP/443 and TCP/8080 communications through the 10.10.10.10 router. All other communications should go through 10.20.30.40.

I've added

80   special

to /etc/iproute2/rt_tables and ran

sudo ip route add table 80 10.10.10.8/29 dev ens256 scope link src 10.10.10.12
sudo ip route add table 80 default dev ens256 via 10.10.10.10
sudo iptables -t mangle -N markports
sudo iptables -t mangle -I PREROUTING 1 -j CONNMARK --restore-mark
sudo iptables -t mangle -I OUTPUT 1 -m mark --mark 0 -j markports
sudo iptables -t mangle -I OUTPUT 2 -j CONNMARK --save-mark
sudo iptables -t mangle -A markports -p tcp --dport 443 -j MARK --set-mark 0x80
sudo ip rule add fwmark 0x80 lookup 80
sudo iptables -t nat -I POSTROUTING 1 -m mark --mark 0x80 -j MASQUERADE

However, it's still not working! What do I need to change?


1 Answer


Take my advice with a grain of salt as I am also still learning iptables/rules/routes; however, I think what you are missing is an "ip rule" that applies the routes/tables you have configured.

For example, I think something like the following would work:

ip rule add iif lo ipproto tcp dport 80 lookup 80
ip rule add iif lo ipproto tcp dport 443 lookup 80

Reference this question for more info: Routing port traffic over specific interface
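As an added example (not code from the question or the answer), the following shell function emits the complete command sequence for the setup described in the question, so it can be reviewed before being piped into sudo sh. It assumes the question's values (table 80, mark 0x80, interface ens256 with source address 10.10.10.12 and gateway 10.10.10.10), uses the two-dash --set-mark spelling and a multiport match so both 443 and 8080 are covered in one rule, and limits MASQUERADE to traffic that actually leaves through the secondary uplink.

```shell
#!/bin/sh
# Added example: generate policy-routing commands for a secondary uplink.
# Assumed values (from the question; adjust to your own setup):
TABLE=80          # routing table id added to /etc/iproute2/rt_tables
MARK=0x80         # fwmark used to select that table
DEV=ens256        # secondary uplink interface
NET=10.10.10.8/29 # subnet on the secondary uplink
SRC=10.10.10.12   # our address on the secondary uplink
GW=10.10.10.10    # secondary provider's router

# policy_route_commands PORT [PORT...]: print the commands for the given
# TCP destination ports. Review the output, then pipe it into "sudo sh".
policy_route_commands() {
    ports=$(printf '%s,' "$@"); ports=${ports%,}   # e.g. "443,8080"
    cat <<EOF
# routes that apply only to marked packets
ip route replace table $TABLE $NET dev $DEV scope link src $SRC
ip route replace table $TABLE default via $GW dev $DEV
# consult table $TABLE for packets carrying the mark (before the main table)
ip rule add fwmark $MARK lookup $TABLE
# loose reverse-path filtering on the secondary uplink: with strict mode the
# kernel may drop replies, because the main table routes their source via $DEV's sibling
sysctl -w net.ipv4.conf.$DEV.rp_filter=2
# copy a connection's saved mark onto each packet so replies follow the same path
iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark
iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark
# mark still-unmarked locally generated packets to the listed ports, then save the mark
iptables -t mangle -A OUTPUT -m mark --mark 0 -p tcp -m multiport --dports $ports -j MARK --set-mark $MARK
iptables -t mangle -A OUTPUT -j CONNMARK --save-mark
# source-NAT only what leaves through the secondary uplink
iptables -t nat -A POSTROUTING -o $DEV -j MASQUERADE
EOF
}

# count_mark_rules PORT [PORT...]: number of emitted lines that set the mark
# (exactly one is expected, since multiport folds all ports into one rule)
count_mark_rules() {
    policy_route_commands "$@" | grep -c -- "--set-mark $MARK"
}
```

Run it as policy_route_commands 443 8080 to see the full list, or pipe that into sudo sh on the Debian box once the output looks right.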