Re: Problem using fwmark -- how to mark packets from local host?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Daniel Chemko wrote: 
Use the OUTPUT chain instead of the PREROUTING chain for packets
originating from the local system.


Is there a way to mark packets originating on the local system?




Thanks. I tried that, but it did not seem to have any effect. The command I used was:

iptables -t mangle -A OUTPUT -j MARK --set-mark 0x0a -p tcp --dport 25

Now, when connecting from the localhost, I get:

telnet: connect to address 66.33.196.49: No route to host

I can still connect via the NAT'd systems okay.

Thanks for the assistance!

John.

[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux