On 09/29/2017 01:54 PM, Vieri Di Paola via Shorewall-users wrote: > > ________________________________ > From: Tom Eastep <[email protected]> >> >> It is the *next to the last* rule that is causing the problem. > > > OK, so my problem is that I wrote the following in my mangle file: > > MARK(1-3):P 0.0.0.0/0 0.0.0.0/0 tcp,udp 53 > > and it translated to: > > Chain tcpre > > [...] > 7784 6738K MARK all -- * * 0.0.0.0/0 0.0.0.0/0 > statistic mode nth every 3 MARK xset 0x1/0xff > 7783 6764K MARK all -- * * 0.0.0.0/0 0.0.0.0/0 > statistic mode nth every 3 packet 1 MARK xset 0x2/0xff > 7783 6623K MARK all -- * * 0.0.0.0/0 0.0.0.0/0 > statistic mode nth every 3 packet 2 MARK xset 0x3/0xff > > I erroneously thought that I could "balance" DNS traffic among the first 3 > providers. > > It can't be done here, right?
It appears that the entry is not being translated correctly, as it is missing the protocols and port. So take it out for now. -Tom > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users > -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
