problem marking 3_tier client packets with iptables

Peter Mueller pmueller at
Thu May 23 19:35:41 BST 2002

> I understand icmp packets are sent according to the dst (true?)
> Here I have 3 routes for packets with dst_addr != RIP_network,
> one for src_addr=VIP, another for dst_addr=selected address:port,
> another for all other packets.

Can't you place these rules before your other/marking rules?  This way
iptables will process these first.  Or maybe there is some "funky" things
going on which prevents this? #:(|)


