John Lister a écrit : > > I'd shortened it without the filter part as you don't need to specify the > table :) Only in the userland tools. In the kernel there is no default table. >>> iptables -t mangle -A OUTPUT -m mark --mark 0 -m state --state >>> -j MARK --set-mark 111 > >> Isn't something missing in that rule ? > I'm guessing you mean the statistic bit? And the state after --state too. Do your MARK rules match some packets (counters increase) ? -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
