Hi,
I am using the CONNMARK patch.
Inside conntrack_core, in case of special conditions, I have modified the mark value in the conntrack.
I then added the following rules in FORWARD chain.
iptables -t mangle -A FORWARD -m connmark --m mark 1 -j DROP
where the CONNMARK is set in case of the illegal packet.
However this CONNMARK value is getting effective only for the next packet and not for the same packet.
Is there some way by which, I can make the settings applicable to the same packet itself?
Thanks and Regards, Vinod C
