On Mon, 2012-01-30 at 14:18 -0600, David Koscinski wrote: > >>I'm not following you. > I mean that when I using /etc/shorewall/accounting I am seeing stats > based on what the MARK was before POSTROUTING. Since I want to know > what the final MARK was as the packets leave eth0, I cannot > use /etc/shorewall/accounting.
Why will the mark change? So long as you don't use :T marks, your marking will occur before accounting. > > >>That isn't going to work. When ACCOUNTING_TABLE=mangle, accounting > occurs before marking. > So it appears that I cannot use /etc/shorewall/accounting to track > what the final MARK was on outgoing packets regardless of whether I do > accounting in filter or mangle. POSTROUTING tcrules can conceivably > change the MARK after accounting has been done. Not if you don't have such rules. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-dev2
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
