On Monday 12 July 2004 13:46, Mike wrote: > You may be marking on the ingress interface. Locally generated packets > do not go through that NIC and therefore do not get marked. You would > have to mark them on the INPUT chain of your egress interface.
Keeping in mind that INPUT doesn't see both sides of the connection, so some (many) L7 filters would fail. > Mike Fetherston > _______________________________________________ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
