Thank you very much for the answer but I think this is not what I was
trying. I mean how to know which is the calling chain from inside the
code of the matching function.
Thank you very much for the help.
Regards
Antonio de la Oliva
Gáspár Lajos wrote:
aoliva írta:
Sorry if you receives multiple copies,
Hi all, I am writing a match for iptables and I would like it to have
a different behaviour when it is called from different chains (e.g.
different behaviour when called from INPUT than OUTPUT) anyone knows
how to check in the match which is the chain that is calling it?
Thanks in advance.
Antonio de la Oliva
I DO NOT THINK THAT IT IS A GOOD IDEA OF USING IPTABLES THIS WAY,
but anyway try this:
iptables -A INPUT -j MARK --set-mark 1
iptables -A INPUT -j mychain
iptables -A OUTPUT -j MARK --set-mark 2
iptables -A OUTPUT -j mychain
iptables -A FORWARD -j MARK --set-mark 3
iptables -A FORWARD -j mychain
iptables -A mybehaviour1 -j DROP
iptables -A mychain -j mybehaviour1 -m mark --mark 1 //INPUT
iptables -A mychain -j mybehaviour2 -m mark --mark 2 //OUTPUT
iptables -A mychain -j mybehaviour3 -m mark --mark 3 //FORWARD
Swifty
