On Thu, 2007-19-04 at 07:12 -0700, Tom Eastep wrote: > I'm lost. What is the difference between that and what HIGH_ROUTE_MARKS=Yes > does already (except for the width of the fields).
Nothing at all. What I am proposing is in fact an emulation of HIGH_ROUTE_MARKS=Yes without using HIGH_ROUTE_MARKS=Yes. > I believe that to do what > you are proposing requires the same capabilities. But doesn't require that the kernel/iptables support "both the extended CONNMARK target and the extended connmark match capabilities" which my kernel does not unfortunately: shorewall-lite show capabilities ... Extended CONNMARK Target: Available ... Extended MARK Target: Not available ... b. -- My other computer is your Microsoft Windows server. Brian J. Murrell
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
