jon hale wrote:
I have a problem when I combine owner-gid, fwmark, and iproute2.
I am starting to wonder if I can really get there from here.
Synopsis:
I have been trying to set up policy routing based upon the group id
of the process sending the packets.
It works for most packets, but there is some scenario that happens at
the end of every ftp upload, where the packet goes out the wrong
interface and gums up the works.
The stack may send packets that don't belong to the original socket.
You need to use CONNMARK to make sure all packets of a connection
are marked similar.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
