
Re: [LARTC] iptables marks

To: "Alejandro Ramos Encinosa" <alex@uh.cu>
Subject: Re: [LARTC] iptables marks
From: "Nelson Castillo" <nelsoneci@gmail.com>
Date: Sat, 21 Apr 2007 19:04:28 -0500
Cc: lartc@mailman.ds9a.nl
In-reply-to: <200704150425.37045.alex@uh.cu>

> iptables -t mangle -A INPUT -i eth0 -j MARK --set-mark 7
> iptables -t mangle -A INPUT -i eth0 -j MARK --set-mark 8
>
> and then I did `iptables -t mangle -L -x -v' and I got
>
> Chain INPUT (policy ACCEPT 9565560 packets, 4954706655 bytes)
>  pkts bytes target prot opt in   out source   destination
>    45 31630  MARK     0 --  eth0 any anywhere anywhere    MARK set 0x7
>    45 31630  MARK     0 --  eth0 any anywhere anywhere    MARK set 0x8
>
> Can someone tell me how can I be sure one packet will just be marked once into
> the chain?

I would try the following (untested) rules:

iptables -t mangle -A INPUT -i eth0 -j MARK --set-mark 7
iptables -t mangle -A INPUT -i eth0 -j RETURN
iptables -t mangle -A INPUT -i eth0 -j MARK --set-mark 8

I guess you will never get the second mark.

Regards,
Nelson.-


--
http://arhuaco.org
http://emQbit.com
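
Added example, not part of the original message and not iptables code: a small Python model of one packet walking the mangle INPUT chain, showing why both MARK rules count the same 45 packets (MARK does not stop traversal) and how a RETURN rule changes the final mark. It goes one step beyond the thread by also modelling rules guarded by a mark match (as with `-m mark --mark 0`); the rule dictionaries and function names are hypothetical.

```python
# Minimal model of how one packet traverses a single iptables chain.
# Constructed for illustration only; field names are hypothetical.

TERMINATING = {"RETURN", "ACCEPT", "DROP"}  # stop traversing this chain

def traverse(rules, packet):
    """Walk rules in order; return (final_mark, per-rule hit counters)."""
    hits = [0] * len(rules)
    for i, rule in enumerate(rules):
        if rule["in"] != packet["in"]:
            continue
        # Optional mark match, modelled on `-m mark --mark N`.
        if "match_mark" in rule and rule["match_mark"] != packet["mark"]:
            continue
        hits[i] += 1
        if rule["target"] == "MARK":
            # MARK is non-terminating: set the mark, keep going.
            packet["mark"] = rule["set_mark"]
        elif rule["target"] in TERMINATING:
            break
    return packet["mark"], hits

def run(rules):
    """Send one fresh, unmarked eth0 packet through the rule list."""
    return traverse(rules, {"in": "eth0", "mark": 0})

# The two rules from the question: both match, last mark wins.
ORIGINAL = [
    {"in": "eth0", "target": "MARK", "set_mark": 7},
    {"in": "eth0", "target": "MARK", "set_mark": 8},
]
# The rules suggested in the reply: RETURN ends traversal after mark 7.
WITH_RETURN = [
    {"in": "eth0", "target": "MARK", "set_mark": 7},
    {"in": "eth0", "target": "RETURN"},
    {"in": "eth0", "target": "MARK", "set_mark": 8},
]
# Variant beyond the thread: mark only packets that are still unmarked.
ONLY_IF_UNMARKED = [
    {"in": "eth0", "match_mark": 0, "target": "MARK", "set_mark": 7},
    {"in": "eth0", "match_mark": 0, "target": "MARK", "set_mark": 8},
]

if __name__ == "__main__":
    for name, rules in [("original", ORIGINAL),
                        ("with RETURN", WITH_RETURN),
                        ("only if unmarked", ONLY_IF_UNMARKED)]:
        mark, hits = run(rules)
        print(f"{name:18} final mark={mark} rule hits={hits}")
```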