Harry Lachanas wrote: > > I got a bit confused with "Extended MARK Target" > > > Is this capability available with 2.4.xx kernels ???
As I mentioned when you asked on the Shorewall list, I can't answer that one.
>
>
>
> If yes which module is required??
Extended mark support is not a separate module. It's a capability supported
by later versions of ipt_MARK (and by xt_MARK). It allows manipulating the
current packet mark using logical AND and OR.
You can test for the capability this way:
iptables -t mangle -N foo
iptables -t mangle -A foo -j MARK --and-mark 0xFF"
If you get an error such as:
iptables vx.y.z: Unknown arg `--and-mark'
then your iptables doesn't support the capability. If you get some sort of
'Invalid argument' error, then it is the kernel that lacks the support.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ [EMAIL PROTECTED]
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
------------------------------------------------------------------------ leaf-user mailing list: [email protected] https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
