Hello! I would like to set up a machine to introduce random (but controllable) dropping of packets that are being forwarded. I also need to classify the traffic because I want some traffic shaping. The obvious solution is to QUEUE packets to user level and if they are ACCEPTed, put a MARK (--set-mark) on them for classifying. This would seem logical: iptables -A FORWARD -j QUEUE -j MARK Of course, it is not possible. How do I do this than? That is, how to do it without using two identical rules, one with QUEUE action and another with MARK action which does not seem to be a nice solution. Thanks! Josip
