From mboxrd@z Thu Jan  1 00:00:00 1970
From: Pablo Neira Ayuso <pablo@netfilter.org>
Subject: Re: MARK and CONNMARK
Date: Wed, 16 Jul 2008 12:49:51 +0200
Message-ID: <487DD24F.2020707@netfilter.org>
References: <200807161046.39247.vladislav.kurz@webstep.net> <alpine.LNX.1.10.0807161156560.26724@fbirervta.pbzchgretzou.qr> <200807161233.51463.vladislav.kurz@webstep.net>
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Return-path: <netfilter-owner@vger.kernel.org>
In-Reply-To: <200807161233.51463.vladislav.kurz@webstep.net>
Sender: netfilter-owner@vger.kernel.org
List-ID: <netfilter.vger.kernel.org>
Content-Type: text/plain; charset="us-ascii"
To: Vladislav Kurz <vladislav.kurz@webstep.net>
Cc: netfilter@vger.kernel.org

Vladislav Kurz wrote:
>> As for the point to manuals, man iptables  is usually in good shape.
> 
> Ok, I can read this, but i just wonder what is the difference and how can I 
> use connmark. Just marking connections for fun? What other use they are for?
> 
> connmark - 
> This module matches the netfilter mark field associated with a connection
> 
> mark - 
> This module matches the netfilter mark field associated with a packet

Probably this can be a nice kick off.

http://home.regit.org/?page_id=7

-- 
"Los honestos son inadaptados sociales" -- Les Luthiers