Once again forgot to reply to the list: Patrick McHardy wrote: > Ciprian Niculescu wrote: > >> whitch is the logic in this piaece of code >> >> iptables -t mangle -A PREROUTING -j IMQ >> iptables -t mangle -A PREROUTING -s 1.2.3.4 -j MARK --set-mark 1 >> >> and in the imq0 i have a class that handle the pachets marked with 1 >> >> this works, the question is why? >> >> beacouse i understand that: >> the pachet first enter the IMQ table, and in the queue, after that he >> exit and continue with the next rule in the PREROUTING, witch is the >> mark. >> >> i must got it wrong >> >> >> C > > > > hi! > yes, you got it wrong. the IMQ target only MARKS packets to be enqueued > later, for incoming packets after passing the mangle table, for outgoing > after passing ALL tables (filter, mangle & nat). > IMQ itself is not a table, its a software device which feeds itself > packets through netfilter. > hope that helps. > bye, > patrick >
