iptables -t mangle -A INPUT -i eth0 -j MARK --set-mark 7 iptables -t mangle -A INPUT -i eth0 -j MARK --set-mark 8 and then I did `iptables -t mangle -L -x -v' and I got Chain INPUT (policy ACCEPT 9565560 packets, 4954706655 bytes) pkts bytes target prot opt in out source destination 45 31630 MARK 0 -- eth0 any anywhere anywhere MARK set 0x7 45 31630 MARK 0 -- eth0 any anywhere anywhere MARK set 0x8 Can someone tell me how can I be sure one packet will just be marked once into the chain?
I would try the following (untested) rules: iptables -t mangle -A INPUT -i eth0 -j MARK --set-mark 7 iptables -t mangle -A INPUT -i eth0 -j RETURN iptables -t mangle -A INPUT -i eth0 -j MARK --set-mark 8 I guess you will never get the second mark. Regards, Nelson.- -- http://arhuaco.org http://emQbit.com _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
