[Top] [All Lists]

[PATCH 2.6] iptables CONNMARK match+target

To: David Miller <davem@xxxxxxxxxxxxx>
Subject: [PATCH 2.6] iptables CONNMARK match+target
From: Harald Welte <laforge@xxxxxxxxxxxxx>
Date: Thu, 21 Oct 2004 00:21:02 +0200
Cc: Linux Netdev List <netdev@xxxxxxxxxxx>, Netfilter Development Mailinglist <netfilter-devel@xxxxxxxxxxxxxxxxxxx>, hno@xxxxxxxxxxxxxxx
Mail-followup-to: Harald Welte <laforge@xxxxxxxxxxxxx>, David Miller <davem@xxxxxxxxxxxxx>, Linux Netdev List <netdev@xxxxxxxxxxx>, Netfilter Development Mailinglist <netfilter-devel@xxxxxxxxxxxxxxxxxxx>, hno@xxxxxxxxxxxxxxx
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mutt/1.5.6+20040907i
Hi Dave!

Since 2.6.9 is out, I'll be pushing new feature patches again.

This is the first patch, adding something similar like nfmark, but on a
per-conntrack (as opposed to per-skb) level.  Very useful especially for
asymmatric routing in combination with MASQUERADE, as often found on
home DSL setups with dymamic IP address that also have e.g. a tunnel
device with static IP.

Signed-off-by: Henrik Nordstrom <hno@xxxxxxxxxxxxxxx>
Signed-off-by: Harald Welte <laforge@xxxxxxxxxxxxx>

- Harald Welte <laforge@xxxxxxxxxxxxx>   
  "Fragmentation is like classful addressing -- an interesting early
   architectural error that shows how much experimentation was going
   on while IP was being designed."                    -- Paul Vixie

Attachment: 2.6.9-connmark.patch
Description: Text document

Attachment: signature.asc
Description: Digital signature

<Prev in Thread] Current Thread [Next in Thread>