Ethy H. Brito, on Monday, Mar 17 2003 at 21:17, wrote: > On 15 Mar 2003 22:12:31 +0100 > Eric Leblond <eric@xxxxxxxxx> wrote: > > > Le sam 15/03/2003 à 21:18, Manuel Samper a écrit : > > > Eric Leblond, on Wednesday, Mar 12 2003 at 16:03, wrote: > > > > > so, why is needed the "--restore-mark/--save-mark"?. I guess that > > > the tc filters (e.g. fwmark) can only see/manage the packets marked > > > by the mark module a not by connmark, it's correct? > > This restoring shouldn't it be done at PREROUTING chain instead of > POSTROUTING as pointed in you mini HOWTO or it makes no difference? I'am wondering the same, and still need to do some testing (but I have some version problem between iptables-tools/kernel that prevents me from using CONNMARK).
