On 22.03.2012 07:06, Henrik Nordström wrote:
ons 2012-03-21 klockan 12:32 +1300 skrev Amos Jeffries:
The UDS packets comes to mind, but that is a different PF_* family
type. I stopped looking at that point.
It could be the packet MARK lookups which are done through
libnetfilter-*. I have very little idea how that library works
internally.
Packet MARK or connection MARK?
Packet MARK should be available via normal getsockopt, if at all..
connection MARK needs a netfilter netlink request via
libnetfilter-conntrack.
In that case. connection MARK. I didn't realise there were two, its was
apparently changeable half-way through a flow which made me think it was
packets-based.
Regards
Henrik
who incidently happens to be original author of netfilter CONNMARK
some
generations ago, long before there was netlink support for querying
conntrack like this
Well done. Its a great feature.
Amos
