On Friday 2009-01-16 08:33, Patrick McHardy wrote: >> On Thursday 2009-01-15 14:47, Patrick McHardy wrote: >>>>> Namely that MARK.2 is available for all tables. It looks like an error, >>>>> given that the previous ones were all limited to the mangle table. >>>>> But, I would have to ask - what do we gain from limiting it to mangle? >>>>> [...] >>>>> I could imagine it having to do with routing (nfmark can be used as >>>>> a routing key, as can TOS/DSCP): >>>>> [...] >>>>> What do others think? >>> Agreed, it doesn't make sense to restrict it to mangle only. >>> >> Are there perhaps other targets besides MARK whose table restriction >> should be relaxed? > > I can think of CONNMARK, CLASSIFY, TCPOPTSTRIP for consistency with > TCPMSS and possibly CONNSECMARK (after consulting with James Morris). > connmark is already relaxed, as is connsecmark. And so I wonder what purpose the mangle table has, other than being before routing. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
