Andy Furniss wrote: iptables -A POSTROUTING -t mangle -j CONNMARK --set-mark 1 iptables -A INPUT -t mangle -m mark --mark 1 tc qdisc add dev eth0 ingresstc filter add dev eth0 parent ffff: protocol ip prio 6 u32 match ip src 0/0 flowid 1:1 action ipt -j CONNMARK --restore-markIt doesn't mark the packets. With tc actions the ingress qdisc gets packets before connection tracking, so CONNMARK doesn't have a connection tracking entry to mark. Regards Patrick |
| Previous by Date: | Re: iptables breakage WAS(Re: dummy as IMQ replacement, Patrick McHardy |
|---|---|
| Next by Date: | Re: iptables breakage WAS(Re: dummy as IMQ replacement, jamal |
| Previous by Thread: | Re: iptables breakage WAS(Re: dummy as IMQ replacement, Andy Furniss |
| Next by Thread: | Re: iptables breakage WAS(Re: dummy as IMQ replacement, Andy Furniss |
| Indexes: | [Date] [Thread] [Top] [All Lists] |