I have an application that suffers from ddos. So we put it behind a filter that works on the basis of GRE.
The filter works fine, but the application has a subapplication that answers to other ports and ends up answering to a different IP as well (in this case, the server's default IP).
Is there any way that I can route outbound traffic from a particular port to the GRE IP?
I tried this but was not successful, the traffic is not yet routed through the gre:
iptables -t nat -A POSTROUTING -o eth0 -p udp -j SNAT --to-source 192.168.168.2
192.168.168.2 is the server ip on the GRE. The packet is still being sent by the public IP and not through the tunnel gre.