Hi,
after I found a nice tutorial [1], I started to hack some code [2].
Is it the correct approach to introduce a new kernel module and a new
nftables statement?
Is there an easy way to attach the secmark to the parent connection,
so that all packets of the same connection inherit it?
Best regards,
Christian Göttsche
[1] https://zasdfgbnm.github.io/2017/09/07/Extending-nftables
[2] https://github.com/cgzones/secmark
