On Tuesday 2005-October-11 09:25, Ignatich wrote:
> dr> Why is fwmark pointless?
>
> It's pointless because ipt_owner does not work in PREROUTING table.
> So even if I mark packet routing decision is already made.

The mangle table OUTPUT chain is consulted before routing.

root@room101:~# iptables -vt mangle -A OUTPUT -m owner --uid-owner rob0 -j MARK --set-mark 0x80
MARK all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 OWNER UID match 1000 MARK set 0x80

Did you try this?
-- 
mail to this address is discarded unless "/dev/rob0"
or "not-spam" is in Subject: header