On Sat, 2005-12-17 at 12:49 -0500, Michael D. Berger wrote: > Using iptables-1.2.11-3.1.RHEL4. > > In the mangle table, in an otherwise successful -j QUEUE > I get the correct result of 2 in the filter table. > > Is there any way to make this work in the -j QUEUE processor? If I understand your problem, you wanna set the mark with the QUEUE target. To do so you have to apply a patch to ipq and kernel if you use kernel prior to 2.6.14 : http://www.netfilter.org/projects/patch-o-matic/pom-extra.html#pom-extra-ip_queue_vwmark After 2.6.14 the new NFQUEUE target and libnetfilter_queue are able to do marking without any patch. By the way, if you need a code example of port to libnetfilter_queue, you can use nufw code (http://www.nufw.org) (directory src/nufw/) BR, -- Eric Leblond <eric@xxxxxxxxx> NuFW, Now User Filtering Works : http://www.nufw.org
