On Sunday 2010-06-20 13:16, Andrew Beverley wrote: >> >Can somebody point me in the right direction for the correct way of >> >setting and accessing the mark value of a packet? The TOS feature in >> >Squid uses setsockopt(). Is there an equivalent for mark? Should I be >> >using libnetfilter_queue? >> >> setsockopt(fd, SOL_SOCKET, SO_MARK, ...) > >I am getting the error "Operation not permitted" when trying to do this. >Is this because the packet is not in a state where it can be marked, or >am I doing something stupid? My code is: > >int nfmark = 255; >setsockopt(fd, SOL_SOCKET, SO_MARK, (int *) &nfmark, sizeof(int)); > > >The following lines of code in the same place work okay to set the TOS: > >int nfmark = 255; >setsockopt(fd, IPPROTO_IP, IP_TOS, (int *) &nfmark, sizeof(int)); 1. Do away with the pointless casts. 2. Needs root privileges. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
