[LARTC] iptables marks

To:	lartc@mailman.ds9a.nl
Subject:	[LARTC] iptables marks
From:	Alejandro Ramos Encinosa <alex@uh.cu>
Date:	Sun, 15 Apr 2007 04:25:36 +0000
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	lartc-list@securepoint.com
Delivered-to:	lartc@outpost.ds9a.nl
List-archive:	<http://mailman.ds9a.nl/pipermail/lartc>
List-help:	<mailto:lartc-request@mailman.ds9a.nl?subject=help>
List-id:	"Mailinglist of the Linux Advanced Routing & Traffic Control project" <lartc.mailman.ds9a.nl>
List-post:	<mailto:lartc@mailman.ds9a.nl>
List-subscribe:	<http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc>, <mailto:lartc-request@mailman.ds9a.nl?subject=subscribe>
List-unsubscribe:	<http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc>, <mailto:lartc-request@mailman.ds9a.nl?subject=unsubscribe>
Reply-to:	Alejandro Ramos Encinosa <alex@uh.cu>
Sender:	lartc-bounces@mailman.ds9a.nl

To:

lartc@mailman.ds9a.nl

Subject:

[LARTC] iptables marks

From:

Alejandro Ramos Encinosa <alex@uh.cu>

Date:

Sun, 15 Apr 2007 04:25:36 +0000

Delivered-to:

sp-com-lists@consult.net

Delivered-to:

lartc-list@securepoint.com

Delivered-to:

lartc@outpost.ds9a.nl

List-archive:

<http://mailman.ds9a.nl/pipermail/lartc>

List-help:

<mailto:lartc-request@mailman.ds9a.nl?subject=help>

List-id:

"Mailinglist of the Linux Advanced Routing & Traffic Control project" <lartc.mailman.ds9a.nl>

List-post:

<mailto:lartc@mailman.ds9a.nl>

List-subscribe:

<http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc>, <mailto:lartc-request@mailman.ds9a.nl?subject=subscribe>

List-unsubscribe:

<http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc>, <mailto:lartc-request@mailman.ds9a.nl?subject=unsubscribe>

Reply-to:

Alejandro Ramos Encinosa <alex@uh.cu>

Sender:

lartc-bounces@mailman.ds9a.nl

Hi all!!

I was trying to figure out how iptables marks work. I thought that a packet 
could just be marked once into a chain (if the packet matchs the criteria, 
then it the action is applied, and that's all for the packet into this 
chain), but I was wrong: I did

iptables -t mangle -A INPUT -i eth0 -j MARK --set-mark 7
iptables -t mangle -A INPUT -i eth0 -j MARK --set-mark 8

and then I did `iptables -t mangle -L -x -v' and I got

Chain INPUT (policy ACCEPT 9565560 packets, 4954706655 bytes)
 pkts bytes target prot opt in   out source   destination
   45 31630  MARK     0 --  eth0 any anywhere anywhere    MARK set 0x7
   45 31630  MARK     0 --  eth0 any anywhere anywhere    MARK set 0x8

Can someone tell me how can I be sure one packet will just be marked once into 
the chain?
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

<Prev in Thread]	Current Thread	[Next in Thread>
[LARTC] iptables marks, Alejandro Ramos Encinosa <= Re: [LARTC] iptables marks, Nelson Castillo Re: [LARTC] iptables marks, Padam J Singh

Previous by Date:	[LARTC] Re: tc questions, Christian Benvenuti
Next by Date:	[LARTC] Can't change ipt_conntrack hashsize under debian sarge ???, Sébastien CRAMATTE
Previous by Thread:	[LARTC] The "ip route get" returns wrong interface and gateway in an multipath routing environment, e . janz
Next by Thread:	Re: [LARTC] iptables marks, Nelson Castillo
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

[LARTC] Re: tc questions, Christian Benvenuti

Next by Date:

[LARTC] Can't change ipt_conntrack hashsize under debian sarge ???, Sébastien CRAMATTE

Previous by Thread:

[LARTC] The "ip route get" returns wrong interface and gateway in an multipath routing environment, e . janz

Next by Thread:

Re: [LARTC] iptables marks, Nelson Castillo

Indexes:

[Date] [Thread] [Top] [All Lists]