Mildly, OT, in so much as it's netfilter related, but of course that impacts Shorewall. :-)
I can't seem to figure out what I am missing here. I have an openwrt machine with kernel 2.6.25.20 and while extended marking seems to work for ipv4, it doesn't for ipv6. Witness: # iptables -t mangle -N foobar # iptables -t mangle -A foobar -j MARK --and-mark 0xFF # ip6tables -t mangle -N foobar # ip6tables -t mangle -A foobar -j MARK --and-mark 0xFF ip6tables v1.4.0: MARK target: kernel too old for --and-mark Try `ip6tables -h' or 'ip6tables --help' for more information. AFAIK (and that leaves a lot of room for a fubar here) the same kernel modules that support MARK for ipv4 also support ipv6, so if one works, so should other, no? Is my kernel just broken or did I miss a module load? Or is there something in my kernel build that I missed? b.
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
