* NAT with CONNMARK
@ 2006-09-27 20:37 Lucas Diaz
0 siblings, 0 replies; only message in thread
From: Lucas Diaz @ 2006-09-27 20:37 UTC (permalink / raw)
To: netfilter
I'm using CONNMARK with layer7 for doing traffic shaping, and it works
great.
My problem is that i want to SNAT packets marked with CONNMARK (actually
i'm doing "-m mark --mark X -j CONNMARK --save-mark"), and no packets go
through the rule "iptables -t nat -A POSTROUTING -m connmark --mark X -j
SNAT --to x.x.x.x".
I also tried using "-m mark --mark X -j SNAT --to x.x.x.x".
All the marking is done on mangle table PREROUTING chain.
What's the difference between MARK and CONNMARK?
I've also got another scenario with -j MARK on mangle table POSTROUTING
chain, and SNAT and it works fine.
I've searching in the web, and it seems to be all fine, but it doesn't work.
Thanx a lot.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2006-09-27 20:37 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-09-27 20:37 NAT with CONNMARK Lucas Diaz
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox