iptables --set-mark problem

Hi List,

i have a iproute2 tables that is working fine.
Here it is:
....
ip route flush table 4
ip route add table 4 192.168.0.0/24 dev eth0 scope link
ip route add table 4 default via 192.168.0.60
....

i tryed to add a host to that table:
ip route add to 10.100.52.110 lookup 4

and it works fine

now, i remove that host line and set a --set-mark option to the iptables
script:

iptables -t mangle -A PREROUTING -d 10.100.52.110 -j MARK --set-mark 4

but i can not access the host after starting the script. It will not
route via 192.168.0.60 (Cisco-VPN-Router), and i can not access the
website on 10.100.52.110.

in case that the
ip route add to 10.100.52.110 lookup 4
works fine, i suppose the thing is the firewall. The set Mark is not
working well.
Have i done somthing wrong? something missed?

Thanx for any advice.

Kris

kris wolff <(E-Mail Removed)> wrote news:(E-Mail Removed):
> ...
> ip route flush table 4
> ip route add table 4 192.168.0.0/24 dev eth0 scope link
> ip route add table 4 default via 192.168.0.60
> ...
>
> i tryed to add a host to that table:
> ip route add to 10.100.52.110 lookup 4
>
> and it works fine
>
> now, i remove that host line and set a --set-mark option to the iptables
> script:
>
> iptables -t mangle -A PREROUTING -d 10.100.52.110 -j MARK --set-mark 4
>
> but i can not access the host after starting the script. It will not
> route via 192.168.0.60 (Cisco-VPN-Router), and i can not access the
> website on 10.100.52.110.

I don't see the link between your mark and your routing table (there is no
default association with an iptables --set-mark)

Did you set it, like this ?

ip rule add fwmark 4 table 4

Regards

>
> I don't see the link between your mark and your routing table (there is no
> default association with an iptables --set-mark)
>
> Did you set it, like this ?
>
> ip rule add fwmark 4 table 4
>
> Regards

ooups, sorry, i forgot to post. Shure i set it.
Thanx for remaining.

Kris