Re: mark value as routing key

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Patrick McHardy <kaber@trash.net>
To: Marco Berizzi <pupilla@hotmail.com>
Cc: netfilter-devel@lists.netfilter.org
Subject: Re: mark value as routing key
Date: Sun, 30 Oct 2005 16:23:15 +0100	[thread overview]
Message-ID: <4364E563.5090709@trash.net> (raw)
In-Reply-To: <BAY103-F12CBD5D305A6953CA1C2EEB2730@phx.gbl>

Marco Berizzi wrote:
> Hi.
> 
> I have a problem with iptables mark target.
> I'm using iptables to mark packet in this manner:
> 
> iptables -t mangle -I OUTPUT --protocol tcp --dport 80 -j MARK --set-mark 1
> 
> This linux box has two different ip addresses on
> two different subnet on the same ethernet NIC:
> 
> eth0: 1.1.1.254/24
> eth0:adslA: 10.10.10.6/29
> 
> This is my ip rule sh output:
> 
> 0: from all lookup local
> 400: from all fwmark 0x1 lookup adsl
> 450: from all lookup hdsl
> 32766: from all lookup main
> 32767: from all lookup default
> 
> Here is ip route sh table adsl:
> default via 10.10.10.1 dev eth0 metric 1
> and this is ip route sh table hdsl:
> default via 1.1.1.1 dev eth0 metric 1
> 
> main table doesn't have any default route.
> 
> Locally generated packet with destination port 80
> are going through the adsl table but the packet
> source ip is 1.1.1.254. Why source ip packet is
> 1.1.1.254? Should't it be 10.10.10.6?

The mark value can't be used for source address selection
because at the time source address selection is performed
there is no packet yet and thus no mark value.

next prev parent reply	other threads:[~2005-10-30 15:23 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-10-20  8:14 mark value as routing key Marco Berizzi
2005-10-20 10:57 ` Martijn Lievaart
2005-10-20 11:12 ` Henrik Nordstrom
2005-10-20 12:09 ` David Coulson
2005-10-30 15:23 ` Patrick McHardy [this message]
  -- strict thread matches above, loose matches on Subject: below --
2005-10-19 10:43 Marco Berizzi

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4364E563.5090709@trash.net \
    --to=kaber@trash.net \
    --cc=netfilter-devel@lists.netfilter.org \
    --cc=pupilla@hotmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.