Re: Using nfmark - Tobias DiPasquale

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Tobias DiPasquale <codeslinger@gmail.com>
To: Roberto Jung Drebes <drebes@inf.ufrgs.br>
Cc: netfilter-devel@lists.netfilter.org, netfilter@lists.netfilter.org
Subject: Re: Using nfmark
Date: Tue, 30 Nov 2004 16:40:25 -0500	[thread overview]
Message-ID: <876ef97a041130134054e2f392@mail.gmail.com> (raw)
In-Reply-To: <1992A582-4311-11D9-9302-000A957B2B6C@inf.ufrgs.br>

On Tue, 30 Nov 2004 18:47:50 -0200, Roberto Jung Drebes
<drebes@inf.ufrgs.br> wrote:
> My netfilter module creates some traffic using ip_rcv and
> ip_finish_output, and this traffic is also subject to my module, since
> it is registered in the NF_IP_PRE_ROUTING and NF_IP_POST_ROUTING hooks.
> I would like to test in my module if this traffic was created by itself
> (in which case it should be ignored) or not (should be processed), and
> so I am thinking of marking created packets with a magic number. Can I
> use nfmark for that? Are there any other netfilter modules that use it?

If you only need the distinction during local packet processing, then
you can use the nfmark field for that purpose. However, if you are
trying to mark packets that will leave the box and be destined for
another, then you can't use nfmark. nfmark is just a
netfilter-internal field used to mark packets for firewall/route
rule/traffic shaping classification during packet processing. That
field is not actually part of the packet that comes in/goes out on the
wire.

-- 
[ Tobias DiPasquale ]
0x636f6465736c696e67657240676d61696c2e636f6d

     prev parent reply	other threads:[~2004-11-30 21:40 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-11-30 20:47 Using nfmark Roberto Jung Drebes
2004-11-30 21:40 ` Tobias DiPasquale [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=876ef97a041130134054e2f392@mail.gmail.com \
    --to=codeslinger@gmail.com \
    --cc=drebes@inf.ufrgs.br \
    --cc=netfilter-devel@lists.netfilter.org \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.