On Wednesday 26 October 2005 14:40, Richard Amerman wrote: > > That command includes the following: > > CONNMARK target v1.3.3 options: > --set-mark value[/mask] Set conntrack mark value > --save-mark [--mask mask] Save the packet nfmark in the connection > --restore-mark [--mask mask] Restore saved nfmark value >
That confirms that the problem is definitely in the kernel then. Try this at a shell prompt: iptables -t mangle -N foo iptables -t mangle -A foo -j CONNMARK --save-mark What error message is generated? What is the output of 'lsmod | grep CONNMARK' ? -tOM -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
pgp1ohkXf77nL.pgp
Description: PGP signature
