[PATCH 1/1] Re: dangerous? Setting mark in nat table
Amin Azez
azez at ufomechanic.net
Wed Mar 14 13:52:55 CET 2007
* Henrik Nordstrom wrote, On 14/03/07 12:43:
> ons 2007-03-14 klockan 12:02 +0100 skrev Patrick McHardy:
>
>
>> Thats true, routing by nfmark in the OUTPUT chain needs the rerouting
>> done by the mangle table, but nowadays there are other uses for nfmark,
>> so if someone feels motivated to send a patch to get rid of this pretty
>> arbitary restriction I think I would take it.
>>
>
> If you do, please remove the same restriction from CONNMARK restore
>
Let it at least be said that some of my patches are used :-)
(Henrick, are you interested in my per-flow patch for connmark, so that
each side of the flow can have a seperate mark? Also dumped thus out of
/proc/net/ip-conntrack and libnfnetlink)
Signed-off-by: Sam Liddicott <azez at ufomechanic.net>
Sam
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mark-mangle.patch
Type: text/x-patch
Size: 2052 bytes
Desc: not available
Url : /pipermail/netfilter-devel/attachments/20070314/15784a00/mark-mangle-0001.bin
More information about the netfilter-devel
mailing list