I have a network like 192.168.0.0/15 with the default gateway set to 192.168.0.1. All the workstations on the network use this gateway for all kinds of access to the Internet. Now I am testing a new Internet connection with another provider, and for that I'm using a second gateway on the same subnet with 192.168.0.2 as its IP address. I want to redirect only HTTP and HTTPS traffic to this second gateway, leaving the default gateway address set on every workstation untouched. How can I accomplish this task? What do I have to change in the first gateway's firewall configuration or routes? I tried a DNAT rule like:

DNAT    loc:192.168.0.1       loc:192.168.0.2    tcp    80

but nothing worked. I use Shorewall for simplicity of configuration, but I can understand even theoretical answers, which I will try to adapt to my case.

PsyStyle

1 Answer

OK, I solved it myself using packet marking :-) I created two files in /etc/shorewall called tcrules and providers. Here are the contents of both:

providers

#NAME       NUMBER  MARK    DUPLICATE       INTERFACE       GATEWAY         OPTIONS
Provider1   1       202     -               eth1            192.168.0.2     loose

tcrules

#MARK    SOURCE              DEST        PROTO    DEST
#                                                 PORT(S)
202:P    eth1:!192.168.0.2  0.0.0.0/0   tcp      80
202:P    eth1:!192.168.0.2  0.0.0.0/0   tcp      443

With this configuration I can now redirect all incoming HTTP(S) connections (LAN side) from my first gateway to the second, so I can test my new Internet Service Provider :-P

Thank you all!

PsyStyle
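What the two Shorewall files in the answer amount to, written as plain iptables and iproute2 commands. This is an added example, not part of the original answer and not Shorewall's generated output: it is a simplified hand-written equivalent that reuses the answer's values and assumes the provider NUMBER 1 is used as the routing table id. The script only prints the commands, so they can be reviewed before being run as root on the first gateway.

```shell
#!/bin/sh
# Added example: hand-written equivalent of the answer's providers and
# tcrules entries. Values are taken from the answer; using the provider
# NUMBER as the routing table id is an assumption of this sketch.
MARK=202            # MARK column in providers, first column in tcrules
TABLE_ID=1          # NUMBER column in providers (assumed table id)
LAN_IF=eth1         # INTERFACE column
GW2=192.168.0.2     # GATEWAY column: the second gateway
PORTS="80 443"      # DEST PORT(S) column in tcrules

# Print the marking and routing commands instead of executing them.
emit_policy_routing() {
    for port in $PORTS; do
        # ":P" in tcrules means "mark in mangle PREROUTING". Unlike DNAT,
        # a mark leaves the destination address of the packet untouched.
        # "! -s" skips packets sent by the second gateway itself.
        echo "iptables -t mangle -A PREROUTING -i $LAN_IF ! -s $GW2 -p tcp --dport $port -j MARK --set-mark $MARK"
    done
    # Marked packets are looked up in a separate routing table ...
    echo "ip rule add fwmark $MARK table $TABLE_ID"
    # ... whose only entry is a default route via the second gateway.
    echo "ip route add default via $GW2 dev $LAN_IF table $TABLE_ID"
}

# Print read-only commands that confirm the rules are in place.
emit_checks() {
    echo "ip rule show"
    echo "ip route show table $TABLE_ID"
    # Packet counters on the MARK rules should grow under web traffic.
    echo "iptables -t mangle -L PREROUTING -v -n"
}

emit_policy_routing
emit_checks
```

Everything other than TCP ports 80 and 443 stays unmarked and keeps following the first gateway's main routing table.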