Subject says it all.
I'm on Ubuntu server 12.04, with iproute 20111117-1ubuntu2 (Linux
qafirewall 3.2.0-26-generic-pae #41-Ubuntu SMP Thu Jun 14 16:45:14 UTC
2012 i686 i686 i386 GNU/Linux).
Simple dial-tone question first just to make sure that I'm not trying to
do something that can't actually be done...
Attempting to execute lines like:
tc filter add dev ifb0 parent ffff:0 protocol ip prio 1 u32 \
match u32 0 0 \
action ipt -j MARK --set-mark 17 \
action mirred egress mirror dev lo
results in error:
ipt: unrecognized option '--set-mark'
Googling for "action ipt -j MARK --set-mark" produces literally
thousands of apparently respectable instances of this.
I hope that I'm not being bit by "well, if you read it on the web then
it MUST be true!"
The rest of what I'm trying to do, which is multiply-and-variously-DNAT
SNMP traps and Syslog messages onto a set of different target IPs, does
seem to be working well. I just need to mark the packets from the tc
part of things into the iptables part of things in order to achieve the
desired DNAT.
Thanks.
- mjamesb
--
To unsubscribe from this list: send the line "unsubscribe lartc" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
