Hi Amit, On Wed, Apr 21, 2004 at 06:31:51PM +0530, aksingh@xxxxxxxxxxx told us: > Hi Sven > > I think you got my question wrong but thank anyways yr answer helped > anyways .... > first, i believe a packet that hits IP_PRE_ROUTING can never hit > IP_LOCAL_OUT, even if it is reinjected ... am i right ? Hmmm...well I think it shouldn't...I should have been able to think so far on my own...more coffee please! :)) > > now to your answer , u mean to say i can tag a packet when it passes thru > one hook so that another hook if it catches it can look at it and handle it > differently .. i just saw struct sk_buff ... it has an element unsigned > lonf nfmark ... so you mean to say i can set it to a paricular value, so > that when someother hook picks it up can identify that someone has already > looked at it, right ? ... yes surely this can help when we have > IP_PRE_ROUTING/POST_ROUTING combination or someother possible combination > like IP_LOCAL_OUT and IP_POST_ROUTING . Yes that's what I thougt of. The iptables mark match and target also use this field (nfmark). > > thanks sven ... btw whats HTH ? :) Hope that helps :)) > Amit > Sven > > > -- Linux zion 2.6.6-rc1 #1 Sat Apr 17 11:50:12 CEST 2004 i686 athlon i386 GNU/Linux 15:16:10 up 20:05, 1 user, load average: 0.02, 0.03, 0.00
Attachment:
pgp00856.pgp
Description: PGP signature
