How to find the chain which calls the match
aoliva at it.uc3m.es
Mon Oct 9 18:53:12 CEST 2006
Thank you very much for the answer but I think this is not what I was
trying. I mean how to know which is the calling chain from inside the
code of the matching function.
Thank you very much for the help.
Antonio de la Oliva
Gáspár Lajos wrote:
> aoliva írta:
>> Sorry if you receives multiple copies,
>> Hi all, I am writing a match for iptables and I would like it to have
>> a different behaviour when it is called from different chains (e.g.
>> different behaviour when called from INPUT than OUTPUT) anyone knows
>> how to check in the match which is the chain that is calling it?
>> Thanks in advance.
>> Antonio de la Oliva
> I DO NOT THINK THAT IT IS A GOOD IDEA OF USING IPTABLES THIS WAY,
> but anyway try this:
> iptables -A INPUT -j MARK --set-mark 1
> iptables -A INPUT -j mychain
> iptables -A OUTPUT -j MARK --set-mark 2
> iptables -A OUTPUT -j mychain
> iptables -A FORWARD -j MARK --set-mark 3
> iptables -A FORWARD -j mychain
> iptables -A mybehaviour1 -j DROP
> iptables -A mychain -j mybehaviour1 -m mark --mark 1 //INPUT
> iptables -A mychain -j mybehaviour2 -m mark --mark 2 //OUTPUT
> iptables -A mychain -j mybehaviour3 -m mark --mark 3 //FORWARD
More information about the netfilter