We develop a proxy server product. To improve our flow based reporting, we want our proxy server to be able to determine which interface each socket is using, both from incoming and outgoing. This is pretty hard to infer for our product, because we support features like load balancing across ISPs, vlan's, etc. Right now the best idea I have is to reserve some bits of the connmark and stamp an interface number on each connmark during PREROUTING and POSTROUTING, but I'd need about 10 bits of the mark field for that and I'd prefer not to throw so many of them away. Is there an API I could call from userspace to figure out what interface is being used by a specific connection? I can get to the conntrack data, but I doesn't look like conntrack is recording which interfaces each flow is using. Iptables rules seem to be able to filter based on interface, but I guess maybe that's being implemented on a per packet basis? Advice would be appreciated, -- David Hinkle Senior Software Developer Phone: 800.243.3729x3000 Email: hinkle@xxxxxxxxxxxxxx Hours: Mon-Fri 8:00AM-5:00PM (CT) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
