[LARTC] iptables marks
Alejandro Ramos Encinosa
alex at uh.cu
Sun Apr 15 06:25:36 CEST 2007
Hi all!!
I was trying to figure out how iptables marks work. I thought that a packet
could just be marked once into a chain (if the packet matchs the criteria,
then it the action is applied, and that's all for the packet into this
chain), but I was wrong: I did
iptables -t mangle -A INPUT -i eth0 -j MARK --set-mark 7
iptables -t mangle -A INPUT -i eth0 -j MARK --set-mark 8
and then I did `iptables -t mangle -L -x -v' and I got
Chain INPUT (policy ACCEPT 9565560 packets, 4954706655 bytes)
pkts bytes target prot opt in out source destination
45 31630 MARK 0 -- eth0 any anywhere anywhere MARK set 0x7
45 31630 MARK 0 -- eth0 any anywhere anywhere MARK set 0x8
Can someone tell me how can I be sure one packet will just be marked once into
the chain?
More information about the LARTC
mailing list