On Fri, Feb 20, 2015 at 12:55 PM, Hyunseok <[email protected]> wrote: > Hi, > > I was doing some experiment where I mark packets using iptables (i.e., > --set-mark) on a host, and send the marked packets to a container running on > the host via bridge. > > I noticed that the packet marking done on the host is not preserved across > the container boundary. That is, the container does not see the packet > marks. > Is that an expected behavior?
It should be that way. iptables mark does not modify anything on the acual packet, so there will not be anything about the mark in packets on the bridge. -- Fajar _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
