Tom Eastep wrote:
> Bob Ramstad wrote:
>> On 5/11/06, Bob Ramstad <[EMAIL PROTECTED]> wrote:
>>> I see 22 connections with mark=1 right now, and 7 with mark=0 right
>>> now... and I suspect that if all 22 mark=1 connections were being set
>>> to class 50, the system would be behaving as I'd like.
>> I really thought I had it, but again, stymied.  I came to the
>> conclusion that the connection was being marked, but the packets
>> obviously were not... so when RTFMing I stumbled on the documentation for
>> TEST :C in tcrules for matching a connection flag vs matching a packet
>> flag, and modified the last line in my recipe:
>>
>> RESTORE:F   -           -               tcp
>> CONTINUE:F  -           -               tcp     -       -       -       !0
>> 1:F         -           -               ipp2p   ipp2p
>> SAVE:F      -           -               tcp     -       -       -       1
>> 50          -           -               -       -       -       -       1:C
>>
> 
> That's because, except for the first p2p packet, all of the rest are
> getting packet mark = 1 -- not 50.
> 
> Switch the third rule to 50:F and ditch the 5th rule.

Oh -- and change the last column of the 4th rule from 1 to 50.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ [EMAIL PROTECTED]
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
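For reference, here is the recipe with Tom's three changes applied (third rule marks 50:F instead of 1:F, the SAVE:F test column changed from 1 to 50, and the fifth rule dropped). This is an added illustration assembled from the thread, not a file posted by either Tom or Bob; it assumes the same tcrules column layout and the same ipp2p match that Bob's original recipe uses.

```text
# Shorewall tcrules - corrected version of the recipe discussed above.
# Columns: MARK   SOURCE   DEST   PROTO   PORT(S)   SPORT(S)   USER   TEST
#
# 1. Copy the saved connection mark back onto the packet mark.
RESTORE:F   -           -               tcp
# 2. If the restored packet mark is already non-zero, stop here.
#    Every packet after the first p2p packet of a connection takes this exit,
#    so whatever was SAVEd is the mark the packet keeps. That is why the
#    original recipe left later packets with mark 1 instead of 50.
CONTINUE:F  -           -               tcp     -       -       -       !0
# 3. First p2p packet of a connection: mark it directly with the class you want.
50:F        -           -               ipp2p   ipp2p
# 4. Persist that mark on the connection so step 1 restores 50 next time.
SAVE:F      -           -               tcp     -       -       -       50
# (The former fifth rule, "50 ... 1:C", is no longer needed: packets never
#  reached it once the connection mark was restored and CONTINUE fired.)
```

With this ordering the only mark ever saved on the connection is 50, so RESTORE:F followed by CONTINUE:F leaves every subsequent packet in class 50 without needing a separate connection-mark (:C) test.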

------------------------------------------------------------------------
leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/