From mboxrd@z Thu Jan  1 00:00:00 1970
From: Brian Austin - Standard Universal <brian@standarduniversal.com.au>
Subject: Re: How to use mark and connmark in one rule
Date: Fri, 24 Apr 2009 23:37:56 +1000
Message-ID: <49F1C0B4.8010809@standarduniversal.com.au>
References: <20090424133235.GA14156@tkeitel002.bln.innominate.local>
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Return-path: <netfilter-owner@vger.kernel.org>
In-Reply-To: <20090424133235.GA14156@tkeitel002.bln.innominate.local>
Sender: netfilter-owner@vger.kernel.org
List-ID: <netfilter.vger.kernel.org>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
To: Tino Keitel <tkeitel@innominate.com>
Cc: netfilter@vger.kernel.org

to do this would be faster than patching and etc..

iptables -A INPUT -m mark --mark 1 
iptables -A INPUT -m connmark --mark 2

regards

Brian


Tino Keitel wrote:
> Hi folks,
>
> when I try to use the mark and connmark extensions in one rule, I get
> an error:
>
> $ iptables -A INPUT -m mark --mark 1 -m connmark --mark 2
> iptables v1.4.2: mark: "--mark" option may only be specified once
>
> Is this intended? If not, is there a way to make this work with a stock
> iptables, or do I have to patch the source and rename one of the
> options?
>
> Regards,
>
>