On Thu, 21 Jul 2005, /dev/rob0 wrote: > Edmundo Carmona wrote: > > I don't think I'm that smart to be the first to need this feature... > > so I hope I'm the ONE vote that flips the balance to convince > > netfilter developers that this is indeed <i>good and necessary</i>. > > I am not sure we have developers posting here regularly. I've seen > Harald Welte, but not often. I just looked and see that Jozsef > Kadlecsik, who does post here, is on the Core Team. Just as time permits, alas... > > Maybe a new chain could be used to do some PREROUTING actions (like > > marking) before the routing decision is made for output traffic. > > Is there any reason you can't use mangle/PREROUTING or nat/PREROUTING > for what you need? What would filter/PREROUTING provide that those do > not? In fact, although I don't do anything with mangle, I thought > marking was in mangle territory. The original post was about locally generated packets and OUTPUT chain. There's no need for extra hooks, because the routing engine is called after the OUTPUT chain as well: local process -> routing -> OUTPUT chain -> routing -> POSTROUTING chain No problem with policy routing for the locally generated traffic. Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlec@xxxxxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : KFKI Research Institute for Particle and Nuclear Physics H-1525 Budapest 114, POB. 49, Hungary
