Hello, I am trying to classify ipsec and non-ipsec traffic on the external interface of my box. I plan to use fwmarks in iptables, and then rely on those for queueing classification on the external interface. My question is, if I mark a packet before it is encrypted by KLIPS in FreeS/WAN, when it is re-injected with a new IP header, will that fwmark be maintained? Looking here: http://iptables-tutorial.frozentux.net/iptables-tutorial.html#MARKTARGET it is not clear. I'm going to do some testing but I was hoping that someone might have a definitive answer. I am using kernel 2.4.21. Thanks, Mike -- Michael P. Soulier <michael_soulier@xxxxxxxxx>, 613-592-2122 x2522 6000/6010/60* Development, Mitel Corporation "...the word HACK is used as a verb to indicate a massive amount of nerd-like effort." -Harley Hahn, A Student's Guide to Unix
Attachment:
signature.asc
Description: This is a digitally signed message part
