On Fri, 28 Sep 2007 19:36:15 +0200 (CEST), Jan Engelhardt wrote > On Sep 28 2007 20:06, Kaloyan Kovachev wrote: > >Hello, > > i need to mark the connection with the realm number, but it seems there is no > >'easy way' and there should be separate rule for each realm. > > > > Are there any plans to add this functionality and which is the preferable way > >to go: > > 1) create new REALMCONNMARK target with and/or mask > > Yeah, since there is already an xt_realm, a xt_REALM would be > the logical counterpart. xt_REALM seams a logical name for changing the realm, not for marking the packet or connection > > > 2) extend the current CONNMARK by adding --realm-mark in addition to --set-mark > > > > I think the second one will be easier and can be done in iptables extension > >only without touching the kernel source right? - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
