Re: [Fwbuilder-discussion] option "Make Tag and Classify actions terminating"
Brought to you by:
mikehorn
Menu
▾
▴
Re: [Fwbuilder-discussion] option "Make Tag and Classify actions terminating"
|
From: Niumar A. K. <ni...@so...> - 2011-12-20 19:10:41
|
Its done Mike! https://sourceforge.net/tracker/?func=detail&aid=3463032&group_id=5314&atid=355314 <https://sourceforge.net/tracker/?func=detail&aid=3463032&group_id=5314&atid=355314> Thank you Mike and Vadim. I'm happy to help to make fwbuilder even better. -- Engº Niumar André Klein Analista de rede/servidores SOLIS - Cooperativa de Soluções Livres www.solis.coop.br Em 20-12-2011 01:02, Mike Horn escreveu: > > > 2011/12/16 Niumar André Klein <ni...@so... <mailto:ni...@so...>> > > > Yes, Vadim I agree with you, but it is possible to define that ACCEPT > rule in the mangle table in the same chain that the mark rule is > created, after it, of course. > So, first you mark the packet and then accept it. > > My really problem is that I have one global mark rule on the end of the > chain that sets mark 0x2, and some others before it that set 0x1 if > matched. The issue with this is that always the last rule is matched. > > example: > > #1 packet coming from 10.0.0.50 mark with 0x1 > #2 packet coming from 10.0.0.60 mark with 0x1 > #3 packet coming from 0.0.0.0 mark with 0x2 > > In the above example, if 10.0.0.50's packet comes in, it is marked with > 0x1, but this mark is overwritten by the rule #3 with 0x2, even with the > ACCEPT rule in the filter, INPUT chain. > Because of this I need the "ACCEPT rule" between #1 and #2 in the > mangle, PREROUTING chain. > > I tried add the ACCEPT rule (below) in the mangle, PREROUTING chain and > it works fine. Maybe could it be a suggestion. > > iptables -t mangle -I PREROUTING 2 -i eth0 -d 10.0.0.50 -j ACCEPT > > > This is a good suggestion, please add it as a feature request on > SourceForge so that we can keep track of it as a potential enhancement > in future versions. > > > http://sourceforge.net/tracker/?group_id=5314&atid=355314 > > > Regards, > > > -mike > > > Thanks again Vadim. > > Regards, > > > > ------------------------------------------------------------------------------ > Learn Windows Azure Live! Tuesday, Dec 13, 2011 > Microsoft is holding a special Learn Windows Azure training event for > developers. It will provide a great way to learn Windows Azure and what it > provides. You can attend the event by watching it streamed LIVE online. > Learn more at http://p.sf.net/sfu/ms-windowsazure > _______________________________________________ > Fwbuilder-discussion mailing list > Fwb...@li... <mailto:Fwb...@li...> > https://lists.sourceforge.net/lists/listinfo/fwbuilder-discussion > > |