On Fri, Apr 19, 2002 at 03:18:01PM +0200, Tobias wrote:
[...]
> Unfortunately netfilter can only set MARKs in the moment the
> packets traverse the INPUT Queue (of corresponding interface).
>
> -->
> netfilter is not able to set mark for _local_ created packets,
> because the INPUT Queue of netfilter is not passed.
>
> => In fact the MARK mechanism can only be used for incoming packets.

Prior to 2.4.18, the 'mangle' table had PREROUTING (for incoming
packets prior to routing) and OUTPUT (for locally generated packets)
chains. After 2.4.18, there are INPUT, FORWARD, and POSTROUTING
chains as well.

I'm using the OUTPUT chain of the 'mangle' table to set-tos values,
but I'm pretty sure I can --set-mark instead. I'm unable to test it
at the moment though.

--
Adrian Chung (adrian at enfusion-group dot com)
http://www.enfusion-group.com/~adrian
GPG Fingerprint: C620 C8EA 86BA 79CC 384C E7BE A10C 353B 919D 1A17
[toad.enfusion-group.com] up 26 days, 21:07, 16 users