On Thursday 2011-02-03 21:01, Ethy H. Brito wrote: > >The marks is performed by these four lines: > >/usr/sbin/iptables -t mangle -A POSTROUTING -o eth0 -m mark ! --mark 0 \ > -j IPMARK --addr dst --and-mask 0xffff --or-mask 0x20000 >/usr/sbin/iptables -t mangle -A POSTROUTING -o eth0 -m mark --mark 0 \ > -j IPMARK --addr dst --and-mask 0xffff --or-mask 0x0 >/usr/sbin/iptables -t mangle -A POSTROUTING -o eth1 -m mark ! --mark 2 \ > -j IPMARK --addr src --and-mask 0xffff --or-mask 0x0 >/usr/sbin/iptables -t mangle -A POSTROUTING -o eth1 -m mark --mark 2 \ > -j IPMARK --addr src --and-mask 0xffff --or-mask 0x40000 > >BTW "mark 2" is there in the iptable LOG. >IN=eth0 OUT=vlan3 SRC=...blablabla ... ACK PSH URGP=0 MARK=0x2 > >But where can I find IPMARK?? The IPMARK target controls the nfmark (MARK= field). -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
