From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 0192E1381F3 for ; Sun, 6 Oct 2013 16:17:13 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 0A40DE0AC8; Sun, 6 Oct 2013 16:17:02 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 17151E09F0 for ; Sun, 6 Oct 2013 16:17:01 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp.gentoo.org (Postfix) with ESMTP id 577F633EEAD for ; Sun, 6 Oct 2013 16:17:00 +0000 (UTC) X-Virus-Scanned: by amavisd-new using ClamAV at gentoo.org X-Spam-Flag: NO X-Spam-Score: -0.019 X-Spam-Level: X-Spam-Status: No, score=-0.019 tagged_above=-999 required=5.5 tests=[AWL=-0.567, DKIM_ADSP_CUSTOM_MED=0.001, FREEMAIL_FROM=0.001, NML_ADSP_CUSTOM_MED=1.2, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.652, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no Received: from smtp.gentoo.org ([IPv6:::ffff:127.0.0.1]) by localhost (smtp.gentoo.org [IPv6:::ffff:127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QcQVrhqvXi4n for ; Sun, 6 Oct 2013 16:16:54 +0000 (UTC) Received: from plane.gmane.org (plane.gmane.org [80.91.229.3]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id A1BB633ED24 for ; Sun, 6 Oct 2013 16:16:54 +0000 (UTC) Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1VSr0h-0007Jd-8r for gentoo-user@gentoo.org; Sun, 06 Oct 2013 18:16:47 +0200 Received: from c-24-118-110-103.hsd1.mn.comcast.net ([24.118.110.103]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sun, 06 Oct 2013 18:16:47 +0200 Received: from grant.b.edwards by c-24-118-110-103.hsd1.mn.comcast.net with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sun, 06 Oct 2013 18:16:47 +0200 X-Injected-Via-Gmane: http://gmane.org/ To: gentoo-user@lists.gentoo.org From: Grant Edwards Subject: [gentoo-user] Re: Where to put advanced routing configuration? Date: Sun, 6 Oct 2013 16:16:26 +0000 (UTC) Message-ID: References: X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: c-24-118-110-103.hsd1.mn.comcast.net User-Agent: slrn/1.0.1 (Linux) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org X-Archives-Salt: b0d3d565-102b-4799-8e21-8dcf0a90a94c X-Archives-Hash: 57d9f8c539fe3a1e19e7813c74511f66 On 2013-10-03, Grant Edwards wrote: > Let's say you wanted to configure routing of TCP packets based on destination > port like in this example: > > http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.netfilter.html > > [which contains a series of 'ip' and 'iptables' commands to get packets > destined for port 25 to use a specific gateway.] > > How do do this the "right" way on a Gentoo system? > > Based on reading http://www.gentoo.org/doc/en/home-router-howto.xml, I think > I've figured out how to do the iptables part: you enter the 'iptables' > commands by hand to get the iptables set up the way you want, then you do > this: > > # /etc/init.d/iptables save > # rc-update add iptables default FWIW, it turns out using that facility wasn't appropriate. The iptables rules were dependent on info that's only available after the interface comes up and obtains its configuration via DHCP. So everyting (both 'ip' commands and 'iptables' commands ended up in /etc/conf.d.net in the postup() function for setup and the predown() function for teardown. -- Grant