From: Matt N <voy...@ho...> - 2005-07-18 19:09:54
|
> > My hunch is that it's still some issue with the marked packets not being >routed properly the second time, after they've been through the OUTPUT >chain. However, according to the shorewall documentation here: >http://www.shorewall.net/Shorewall_and_Routing.html , the packets should be >re-routed after being marked in the OUTPUT chain :( > > > > Could someone confirm to me that packets generated from the firewall can >definitely be routed using fwmarks? > >How are you marking them in the tcrules file? I simply put the line: 1 $FW 0.0.0.0/0 tcp 80 in tcrules and like I posted earlier, the marking is definitely happening, because the packet/byte counts increase every for that rule every time I make an outgoing HTTP connection from my firewall. However, the routing doesn't seem to be affected by the mark... [And sorry for the HTML, I'm at work and using hotmail, which is not my usual configuration. I think I managed to turn it off now? But let me know if not...] |