<div dir="ltr"><div>You might be able to do this today without any changes to tinc, if you run your various tincd processes under different users, and then use something like:<br><br></div># iptables -A OUTPUT -m owner --uid-owner <username> -j MARK --set-mark ...<br></div><div class="gmail_extra"><br><div class="gmail_quote">On 5 October 2016 at 18:27, Olivier Tirat <span dir="ltr"><<a href="mailto:olivier.tirat@byo-networks.com" target="_blank">olivier.tirat@byo-networks.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I know i'm new to the list but i'd like to propose something for tincd daemon.<br>
<br>
I'd like to mark all sockets established by a tincd process with a mark passed as an argument in the command line.<br>
<br>
What could be the purpose of this new option?<br>
The goal of this option is to be able to have several tincd process running at the same time using the same port but using different ip.<br>
In order to be able to give the right IP to outgoing packet i have to be able to mark them and to source nat the packet according to the mark.<br>
The advantage of this solution isĀ to have fixed ports for traffic and firewalls and moving ip address that are much easier to manage.<br>
<br>
Do you think its something interesting?<br>
Do you think its a hard work to do?<br>
If not i could probably try to do it and propose a patch for that if you think it is interesting.<br>
<br>
<br>
Sincerely Yours<br>
<br>
Olivier<br>
<br>
<br>
______________________________<wbr>_________________<br>
tinc mailing list<br>
<a href="mailto:tinc@tinc-vpn.org" target="_blank">tinc@tinc-vpn.org</a><br>
<a href="https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc" rel="noreferrer" target="_blank">https://www.tinc-vpn.org/cgi-b<wbr>in/mailman/listinfo/tinc</a><br>
</blockquote></div><br></div>