* NAT with CONNMARK
@ 2006-09-27 20:37 Lucas Diaz
0 siblings, 0 replies; only message in thread
From: Lucas Diaz @ 2006-09-27 20:37 UTC (permalink / raw)
To: netfilter
I'm using CONNMARK with layer7 for doing traffic shaping, and it works
great.
My problem is that i want to SNAT packets marked with CONNMARK (actually
i'm doing "-m mark --mark X -j CONNMARK --save-mark"), and no packets go
through the rule "iptables -t nat -A POSTROUTING -m connmark --mark X -j
SNAT --to x.x.x.x".
I also tried using "-m mark --mark X -j SNAT --to x.x.x.x".
All the marking is done on mangle table PREROUTING chain.
What's the difference between MARK and CONNMARK?
I've also got another scenario with -j MARK on mangle table POSTROUTING
chain, and SNAT and it works fine.
I've searching in the web, and it seems to be all fine, but it doesn't work.
Thanx a lot.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2006-09-27 20:37 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-09-27 20:37 NAT with CONNMARK Lucas Diaz
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.