Nishit Shah wrote:
Now,
I am using CONNMARK target to do mark on conntrack. Here
packets with direction IP_CT_DIR_ORIGINAL are marked with 1 and packets with
direction IP_CT_DIR_REPLY are marked with 2. Now as eth0 and eth1 are served
by different CPUs, is there chances of –m connmark will get wrong values of
conntrack mark ?
Yes, you should mark the packet and not the connection since
the direction is a property of the packet.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
