In a chain you can make the target "MARK" and assign it a ID. Example: iptables -t mangle -A PREROUTING -p tcp --dport 80 -j MARK --set-mark 25 Later in any chain you can use the "mark" match item to look for these marked packets / streams. Example: iptables -t nat -A POSTROUTING --mark 25 -j SNAT --to-source 10.0.0.1 Have fun, Leon -----Original Message----- From: Abhinav Gupta <gupta@xxxxxxxxxxxxxxxx> Subject: Question about nfmark Hi, I am a newbie to netfilter. While going through some code, I saw a comment that nfmark can be used for communicating between the different hooks. Could someone please explain me how this can be done. Thanks in advance. Abhinav.
