On 12/05/2011 01:01, Andrew Beverley wrote:
> On Wed, 2011-05-11 at 15:30 +0100, Ed W wrote:
>> On 09/05/2011 22:45, Andrew Beverley wrote:
>>> I wrote a similar patch for Squid (released in V3.2), which allows
>>> packets to be marked before Squid, and Squid to reapply the mark on
>>> retransmission. Marks can also be applied for locally cached files. If
>>> it helps the patch is at:
>>>
>>> http://bazaar.launchpad.net/~squid/squid/3-trunk/revision/10925
>>
>>
>> Did you find any better way to read the packet mark than using
>> conntrack? I see that's how you are doing it in the patch you reference?
>>
>
> No, I think that's the only/best way of doing it (you can't read it from
> a socket). That's the advice I got from the netfilter developers anyway,
> and it doesn't get much better than that.

I guess a feature request that the nf_mark is copied down to the "socket
mark" for arriving packets is going to be met with a "let's see your patch"?

Did you do any investigation to see where such code might be fitted - or
even if it's a good idea?

Cheers

Ed W