Hello. Shouldn't marks in routemark chain (and "~excl" chains etc.) be applied with mask according to PROVIDER_OFFSET and PROVIDER_BITS ? Currently shorewall does this:
-A routemark -i p2p1 -j MARK --set-mark 0x100 -A routemark -i p2p2 -j MARK --set-mark 0x200 Shouldn't it be (for example): -A routemark -i p2p1 -j MARK --set-mark 0x100/0xff00 -A routemark -i p2p2 -j MARK --set-mark 0x200/0xff00 ? If I mark packets elsewhere using for example mask 0xff (for qos, ipsec, routing etc.), I am currently loosing those marks in routemark chain. Or am I wrong ? Regards. -- Artur ------------------------------------------------------------------------------ Monitor your physical, virtual and cloud infrastructure from a single web console. Get in-depth insight into apps, servers, databases, vmware, SAP, cloud infrastructure, etc. Download 30-day Free Trial. Pricing starts from $795 for 25 servers or applications! http://p.sf.net/sfu/zoho_dev2dev_nov _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
