Hello again,

It looks like the only way to match the VLAN/CoS tag on a Linux box will be to write a small application that registers on the prerouting hook on a non-VLAN interface (eth0), inspects the VLAN tag and marks the packet in, say, the DSCP or TTL field, which can afterwards be inspected by iptables.

I would appreciate it if someone can point to an example for a similar task, or to the right libraries to use - are libnetlink / libnetfilter_queue the right choice? Can I get access to the raw incoming packet on eth0 via those libraries? Unfortunately libpcap is not a choice; it does not alter packets.

Thanks,
George.
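The marking step the message describes (read the 802.1Q priority bits, write them into the IPv4 DSCP field), as an added example that is not part of the original post. It covers only the rewrite of a raw tagged frame already held in a buffer, not how to obtain that frame from a hook or library; `cos_to_dscp`, `sample_frame` and the mapping of priority n to class selector CSn are assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed sample: Ethernet + 802.1Q tag (PCP 5, VID 100) + IPv4 header. */
static uint8_t sample_frame[] = {
    0x02,0,0,0,0,0x02, 0x02,0,0,0,0,0x01,        /* dst MAC, src MAC           */
    0x81,0x00, 0xA0,0x64, 0x08,0x00,             /* TPID, TCI, inner EtherType */
    0x45,0x01,0x00,0x14, 0,0,0,0, 0x40,0x06,0,0, /* IPv4, TOS=0x01 (ECN bit)   */
    192,0,2,1, 192,0,2,2                         /* src, dst address           */
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* RFC 1071 Internet checksum over the IPv4 header (len is always even). */
static uint16_t ip_checksum(const uint8_t *hdr, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += rd16(hdr + i);
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Copy the 802.1p priority (PCP) of a tagged IPv4 frame into DSCP as class
 * selector CS<pcp> (assumed mapping), keep the ECN bits, fix the checksum.
 * Returns the PCP (0..7), or -1 if the frame is untagged, not IPv4 or short. */
int cos_to_dscp(uint8_t *frame, size_t len)
{
    if (len < 18 + 20 || rd16(frame + 12) != 0x8100 || rd16(frame + 16) != 0x0800)
        return -1;
    uint8_t *ip = frame + 18;                 /* 14-byte Ethernet + 4-byte tag */
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;
    if ((ip[0] >> 4) != 4 || ihl < 20 || len < 18 + ihl)
        return -1;
    int pcp = rd16(frame + 14) >> 13;         /* top 3 bits of the TCI */
    ip[1] = (uint8_t)((pcp << 5) | (ip[1] & 0x03));
    ip[10] = ip[11] = 0;                      /* zero checksum before summing */
    uint16_t ck = ip_checksum(ip, ihl);
    ip[10] = (uint8_t)(ck >> 8);
    ip[11] = (uint8_t)(ck & 0xff);
    return pcp;
}

int main(void)
{
    int pcp = cos_to_dscp(sample_frame, sizeof sample_frame);
    printf("pcp=%d tos=0x%02x\n", pcp, sample_frame[19]);
    return 0;
}
```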