On Fri, 24 Sep 2004 20:21:22 +0200, cvok wrote
> Hello everybody.


> i think when packet is passing trough my POSTROUTING in mangle table
> it can't match rule 2 or 3, but in the real life it is a little bit different
> iptables -t mangle -L PREROUTING -v
> shows following:
> Chain PREROUTING (policy ACCEPT 16M packets, 4534M bytes)
>  pkts bytes target     prot opt in     out     source       destination
>  159K   53M CONNMARK   all  --  any    any     anywhere            
>  anywhere           CONNMARK set 0x0
> 1090  112K            all  -- 
>  any    any     anywhere             anywhere           CONNMARK 
> match 0x5
>   22  1843            all  --  any    any     anywhere     
>         anywhere           CONNMARK match 0x6
> i don't know if it is correct, so please tell me if it is normal.

It's normal. CONNMARK target doesn't mean stopping traversing the chain.

> Matis

Tomasz Chilinski

LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Reply via email to