On Thu, 2 Feb 2006 14:12:45 +0200 "Vaidas" <admin@xxxxxx> wrote:

> iptables -t mangle -A DSL-IN -p tcp -j CONNMARK --restore-mark
>
> iptables -t mangle -A DSL-IN -p tcp -m mark ! --mark 0 -j ACCEPT
>
> iptables -t mangle -A DSL-IN -p tcp -m ipp2p --ipp2p -j MARK --set-mark 7
>
> iptables -t mangle -A DSL-IN -p tcp -m mark --mark 7 -j CONNMARK --save-mark
>
> iptables -t mangle -A DSL-IN -p udp -m ipp2p --ipp2p -j MARK --set-mark 7
>
> iptables -t mangle -A DSL-IN -m mark --mark 0 -j MARK --set-mark 6
>
> iptables -t mangle -A DSL-IN -j IMQ --todev 0

What about saving the marks with '-j CONNMARK --save-mark' unconditionally as the last rule of the DSL-IN chain?

Ethy

_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc