From: "U.Mutlu" <for-gmane@mutluit.com>
To: netfilter@vger.kernel.org
Subject: Re: IPTABLES + PREROUTING + --set-mark + Ubuntu
Date: Fri, 16 Jan 2015 02:03:34 +0100 [thread overview]
Message-ID: <m99o16$uos$1@ger.gmane.org> (raw)
In-Reply-To: <m99npn$roj$1@ger.gmane.org>
U.Mutlu wrote, On 01/16/2015 01:59 AM:
> The Media Server wrote, On 01/15/2015 11:34 PM:
>> Hi I can't get my PREROUTING iptables rule to mark my packets via
>> --set-mark on Ubuntu
>>
>> iptables -t mangle -A PREROUTING -p tcp --sport 80 -j MARK --set-mark 2
>> rule add fwmark 2 table 2
and the above one should be
ip rule add fwmark 2 table 2
>> iptables -t mangle -A PREROUTING -j MARK --set-mark 2
>> iptables -t mangle -A INPUT -j MARK --set-mark 2
>> iptables -t nat -A INPUT -j MARK --set-mark 2
>> iptables -t nat -A PREROUTING -j MARK --set-mark 2
>>
>> None of the above pass trough the table2
>>
>> but this does pass trough the table 2 with this rule:
>> ip rule add from 192.168.2.0/24 table 2
>>
>> ----
>> Is there a problem marking packets in Ubuntu 14.04.1 LTS and iptables v1.4.21?
>
> Have you also defined table 2 in /etc/iproute2/rt_tables ?
> It must be something like:
> 2 mytab2
> I think there is no tool for it, you have to edit the file.
>
> later you can use
> ip rule ls
> ip route ls
> ip route ls table 2
> or alternatively
> ip route ls table mytab2
>
> and don't forget to del the wrong or excess entries there...
> ip rule del fwmark 2 table 2
> ip route flush table 2
>
next prev parent reply other threads:[~2015-01-16 1:03 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-15 22:34 IPTABLES + PREROUTING + --set-mark + Ubuntu The Media Server
2015-01-16 0:59 ` U.Mutlu
2015-01-16 1:03 ` U.Mutlu [this message]
2015-01-16 9:16 ` Pascal Hambourg
-- strict thread matches above, loose matches on Subject: below --
2015-01-16 1:48 The Media Server
2015-01-16 1:53 The Media Server
2015-01-16 2:02 ` U.Mutlu
2015-01-16 2:02 The Media Server
2015-01-16 2:14 ` U.Mutlu
2015-01-16 2:15 The Media Server
2015-01-16 2:27 ` U.Mutlu
2015-01-16 2:24 The Media Server
2015-01-16 2:35 ` U.Mutlu
2015-01-16 2:45 The Media Server
2015-01-16 2:53 ` U.Mutlu
2015-01-16 3:12 The Media Server
2015-01-16 3:31 ` U.Mutlu
2015-01-16 3:49 P-o Lévesque
2015-01-16 4:51 ` The Media Server
2015-01-16 5:33 The Media Server
2015-01-16 8:15 ` U.Mutlu
2015-01-16 14:03 The Media Server
2015-01-16 20:05 P-o Lévesque
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='m99o16$uos$1@ger.gmane.org' \
--to=for-gmane@mutluit.com \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.