dhcpcd-discuss

how to add source level routing

nivwiz@xxxxxxxxx

Tue Jan 25 18:35:14 2011

I am using dhcpcd to manage ppp0 and eth0.
how can I achieve source level routing from eth0, so communication coming in
to eth0 will be sent out using eth0 and not ppp0?
# ip ro
98.158.112.57 via 84.109.112.1 dev eth0
98.158.117.129 dev ppp0  proto kernel  scope link  src b.b.b.b
192.168.14.0/24 dev br0  proto kernel  scope link  src 192.168.14.70
84.109.112.0/22 dev eth0  proto kernel  scope link  src a.a.a.a  metric 203
127.0.0.0/8 via 127.0.0.1 dev lo
default via 98.158.117.129 dev ppp0
default via 84.109.112.1 dev eth0  metric 203

I am asking that traffic that comes in via a.a.a.a will leave from that
device

I came up with this , which aint working:
#/lib/dhcpcd/dhcpcd-hooks/60-l2tp.conf
[ -f /etc/conf.d/strongVpn ] && . /etc/conf.d/strongVpn
if [ "$interface" = "$WAN_DEV" -a "$if_up" = "true" ] ; then
    #if [ $if_up -a "$reason" = "BOUND" ] ; then
    [ -n "${new_routers}" ] &&ip ro | grep -q "${VPN_HOST} via
${new_routers}"
    if [ $? -ne 0 ] ; then
        line=$(ip ro | grep "${VPN_HOST} via")
        line=${line%%dev*}
        [ -n "${line}" ] && ip ro del ${line}
        ip ro add "$VPN_HOST" via "$new_routers"
        #add route to cellcom via ISP
        #ip ro |grep -q 192.118.11.120 ||ip ro add 192.118.11.120 via
"$new_routers"
        #apply src base routing
        #grep -q 100 /etc/iproute2/rt_tables || echo "100 bezeqint"
>>/etc/iproute2/rt_tables
        ip rule |grep "bezeqint" &&ip rule del table bezeqint
        if [ $? -eq 0 ] ; then
            ip rule add from "$new_ip_address" table bezeqint
            ip ro add 192.168.14.0/24 dev br0 table bezeqint
            ip ro add 127.0.0.0/8 dev lo table bezeqint
            ip ro add default dev "$interface" via "$new_routers" table
bezeqint
        fi
    fi
    grep -q $new_ip_address /etc/ipsec.conf
    if [ $? -ne 0 ] ; then
        sed -i "s/left=.*/left=$new_ip_address/" /etc/ipsec.conf
        sed -i "s/.*\ :/$new_ip_address $VPN_HOST \:/" /etc/ipsec.secrets
        #/usr/bin/rc-config restart ipsec
    fi
    #$old_routers is missing so no ip ro del
    #fi
fi

Follow-Ups:
Re: how to add source level routingRoy Marples
Archive administrator: postmaster@marples.name