Hi there, I am planing to add new user option to allow connmark to be shifted to enable more advanced routing options. Currently, it might be something like: Conntrack parameters and options: -sl, --shift-left bits shift mark by n bit to the left -sr, --shift-right bits shift mark by n bit to the right. We run out of nfmark (skb->mark) in our systems due to increasing number of routes we are supporting. One common user-case: Using connmark to direct traffic via ip rule onto different route tables. But the the first packet of this flow needs to be per-inspected by the IP-tables first to be marked with an ID (Route number ID in our case.). If we can have "SHIFT" operation working in conntrack, we would be able to support much more numbers of 'ID'. I wounder if this "SHIFT" idea can be considered to be accepted by upstream ? Thanks, Jack -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
