1littlewisp
newbie
Topic Author
Posts: 36
Joined: Wed Jun 10, 2009 6:23 pm

[SOLVED] Policy Based Routing test with ipchicken.com

Sun Oct 16, 2011 4:26 am

So I've got a location with two gateways. I want to route traffic to a certain destination through only one of the gateways. I'm testing this with ipchicken.com because it should be a good indication of whether I've got it working or not. Here's the setup that's not working:
/ip firewall mangle
add action=mark-routing chain=prerouting content=ipchicken.com disabled=no \
    dst-port=80 new-routing-mark=ipchx passthrough=yes protocol=tcp
/ip route rule
add action=lookup disabled=no routing-mark=ipchx src-address=10.0.0.0/24 \
    table=ipchx
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.0.24.1 \
    routing-mark=ipchx scope=30 target-scope=10
I thought that would make anything coming from the 10.0.0.0/24 network with the routing mark ipchx go through the 10.0.24.1 gateway. The mangle rule is getting hit but I've still got the IP of my primary gateway. Help?
Last edited by 1littlewisp on Thu Oct 27, 2011 7:10 pm, edited 1 time in total.
 
fewi
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: Policy Based Routing test with ipchicken.com

Sun Oct 16, 2011 5:15 am

You can't do layer 7 filters for routing decisions that include NAT.

NAT happens on the first packet of a connection, and is set after that. You can't change your mind later and NAT to something else - even if the router would allow you to do that the other end of the connection would ignore anything coming from the changed IP address since it can't know those packets are part of the same connection.

'ipchicken.com' would only show up in the HTTP request (if a host header is used), which is the fourth packet of the connection, after the TCP three-way handshake.

So in short: what you're trying to do is impossible. You can only make routing decisions based on properties the first packet of the connection has. If you really need to make routing decisions based on layer 7 information you will need to insert a transparent proxy like Squid to make such decisions. The built-in proxy can't do this for you, either.
 
1littlewisp
newbie
Topic Author
Posts: 36
Joined: Wed Jun 10, 2009 6:23 pm

Re: Policy Based Routing test with ipchicken.com

Tue Oct 18, 2011 6:25 pm

Thanks, Fewi. I think you have helped me a few times in the past as well. I believe I may be able to trick the system into appearing to work by creating a destination address list. Mwahahaha!

It's not perfect, but it will help me build a QoS system that otherwise wouldn't have worked.
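
The destination address list approach mentioned in the last post, next to the content match from the first post, as an added example that is not part of the original thread. The list name via-gw2 is hypothetical and 192.0.2.10 is a placeholder for the destination's real address; the network, gateway and routing mark are the ones from the thread.

```routeros
# Not working (from the first post): content= can only match once the HTTP
# request arrives, after the handshake, when NAT is already fixed for the
# connection.
# /ip firewall mangle
# add action=mark-routing chain=prerouting content=ipchicken.com \
#     dst-port=80 new-routing-mark=ipchx passthrough=yes protocol=tcp

# Address-list variant: the destination address is a property of the first
# packet (the SYN), so the routing mark is set before NAT is decided.
/ip firewall address-list
# 192.0.2.10 is a placeholder; the list name via-gw2 is hypothetical
add list=via-gw2 address=192.0.2.10 comment="placeholder destination"

/ip firewall mangle
add action=mark-routing chain=prerouting src-address=10.0.0.0/24 \
    dst-address-list=via-gw2 new-routing-mark=ipchx passthrough=yes

# Default route in the ipchx table, same gateway as in the first post
/ip route
add dst-address=0.0.0.0/0 gateway=10.0.24.1 routing-mark=ipchx
```

The match is by address, not by host name, so every site served from a listed address follows the second gateway, and the list has to be updated when the destination's addresses change.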
