Cheers. From: "Ming-Ching Tiew" <mingching.tiew@xxxxxxxxxxx> > > I don't think you can perform CONNMARK on the INPUT chain > of the filter table, try doing it on the mangle table :- > > /usr/local/sbin/iptables -t mangle -A INPUT -j CONNMARK --save-mark > Hmm I issue the commands on the filter table and INPUT chain on my system, it seems to work too. And therefore your error is likely due to iptables not compiled against the correct kernel source.
