My doubt is, what you said is that only one package in a mark will me matched without that other comands, so, the lines I have put in red are correct? Today it is working fine, but I have never made a test longer than 20 or 30 minutes...Att,Nataniel Klug
It should perfectly fine. Since you're just marking based on an ip match, there is no need for CONNMARK. CONNMARK is only needed when you want to mark a whole connection based on something you'll only see once, like the p2p protocol's headers. destination/source addresses will be present in every packet you want to mark.
- Jody
_______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
