still I am having some unexpected results
if I do
iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark
iptables -t mangle -A POSTROUTING -m mark --mark 3 -j ACCEPT
iptables -t mangle -A POSTROUTING -o eth41 -j MARK --set-mark 3
iptables -t mangle -A POSTROUTING -j CONNMARK --save-mark
then
iptables -t mangle --list
yields
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
CONNMARK 0 -- anywhere anywhere CONNMARK
restore
ACCEPT 0 -- anywhere anywhere MARK match 0x3
MARK 0 -- anywhere anywhere MARK set 0x3
CONNMARK 0 -- anywhere anywhere CONNMARK save
so it looks like it is ignoring the -o eth41 in the mark statement. It
appears to be working right, but looks not right...
how can I see the -o eth41 in the iptables -t mangle --list command or
can I not
regards
Brian
Jan Engelhardt wrote:
On Thursday 2008-07-17 08:56, Brian Austin wrote:
Hi,
sorry to hijack the thread a little bit... Just say I want to mark the
connections based on the network they are coming from/going to... does this
look appropriate?
See http://dev.medozas.de/NF-Cookbook.txt (item 5) for a cooked
approach.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
