Le 01/08/2016 à 22:28, Yan Seiner a écrit :
This is driving me nuts. I've spent most of the day trying to figure
out why marking packets does not work. I've now isolated the problem to
where I believe that neither MARK nor CONNMARK targets work on a pppoe
interface.
This assumption is of course wrong. iptables and conntrack don't care
about the interface type.
Here's what I have:
eth0.9 - cable interface with DHCP: xxx.158.166.12
eth0.8 - DSL interface with pppoe: xxx.251.62.82
and here's how I mark them (I've also tried marking on PREROUTING):
iptables -t mangle -A INPUT -i ${dsl_if} -j CONNMARK --set-mark 0x02/0x02
iptables -t mangle -A INPUT -i ${cable_if} -j CONNMARK --set-mark 0x01/0x01
What is the value of ${dsl_if} ? It should be pppN, created by pppd with
N=0, 1, 2...
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
