I'm using CONNMARK with layer7 for doing traffic shaping, and it works
great.
My problem is that I want to SNAT packets marked with CONNMARK (actually
I'm doing "-m mark --mark X -j CONNMARK --save-mark"), and no packets go
through the rule "iptables -t nat -A POSTROUTING -m connmark --mark X -j
SNAT --to x.x.x.x".
I also tried using "-m mark --mark X -j SNAT --to x.x.x.x".
All the marking is done in the mangle table PREROUTING chain.
What's the difference between MARK and CONNMARK?
I've also got another scenario with -j MARK on the mangle table POSTROUTING
chain and SNAT, and it works fine.
I've been searching the web, and it all seems to be fine, but it doesn't work.
Thanks a lot.