On 10/3/19 11:54 PM, Vieri Di Paola wrote: > Hi Tom, > >> /etc/shorewall/actions >> >> TEE builtin,mangle >> >> /etc/shorewall/mangle: >> >> IPTABLES(TEE --gateway 1.2.3.4):P eth0 - > > This generates: > > -A PREROUTING -i eth0 -m mark --mark 0x0/0xff -j TEE --gateway 1.2.3.4 > > Is the mark necessary? Can it be removed from the rule? >
It is removed by setting TC_EXPERT=Yes in shorewall.conf. Be sure to compare the generated ruleset with the current one to be sure that there were no unintended side effects of that change. -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
