Hi all!! I was trying to figure out how iptables marks work. I thought that a packet could just be marked once into a chain (if the packet matchs the criteria, then it the action is applied, and that's all for the packet into this chain), but I was wrong: I did iptables -t mangle -A INPUT -i eth0 -j MARK --set-mark 7 iptables -t mangle -A INPUT -i eth0 -j MARK --set-mark 8 and then I did `iptables -t mangle -L -x -v' and I got Chain INPUT (policy ACCEPT 9565560 packets, 4954706655 bytes) pkts bytes target prot opt in out source destination 45 31630 MARK 0 -- eth0 any anywhere anywhere MARK set 0x7 45 31630 MARK 0 -- eth0 any anywhere anywhere MARK set 0x8 Can someone tell me how can I be sure one packet will just be marked once into the chain? _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
