On Tue, 30 Nov 2004 18:47:50 -0200, Roberto Jung Drebes <drebes@xxxxxxxxxxxx> wrote: > My netfilter module creates some traffic using ip_rcv and > ip_finish_output, and this traffic is also subject to my module, since > it is registered in the NF_IP_PRE_ROUTING and NF_IP_POST_ROUTING hooks. > I would like to test in my module if this traffic was created by itself > (in which case it should be ignored) or not (should be processed), and > so I am thinking of marking created packets with a magic number. Can I > use nfmark for that? Are there any other netfilter modules that use it? If you only need the distinction during local packet processing, then you can use the nfmark field for that purpose. However, if you are trying to mark packets that will leave the box and be destined for another, then you can't use nfmark. nfmark is just a netfilter-internal field used to mark packets for firewall/route rule/traffic shaping classification during packet processing. That field is not actually part of the packet that comes in/goes out on the wire. -- [ Tobias DiPasquale ] 0x636f6465736c696e67657240676d61696c2e636f6d
