> I suppose it is right, because the rtp traffic come after the session (SIP > or h323) was established, and so correctly accounted: so the first rule > restore the mark on RTP traffic also. [...] > How can i ''debug'' these things? I've treiad a simple: watch -n 1 grep <ip address> /proc/net/nf_conntrack and i've called a SIP phone on that IP address; as expected just after someone answered, the rtp traffic get flow, and was as expected on mark=1. Also, the iptables counter for the rule of 'helper' match remains at zero. So, if i use connmark restore, the helper match are totally unuseful? -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66 Associazione ``La Nostra Famiglia'' http://www.sv.lnf.it/ Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN) marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797 Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA! http://www.lanostrafamiglia.it/chi_siamo/5xmille.php (cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA) -- To unsubscribe from this list: send the line "unsubscribe lartc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
