Is there any option to have shorewall[6] completely disregard the mangle table?
I've pared down my previous multi-provider config such that all I am
getting in my mangle table is:
Chain PREROUTING (policy ACCEPT 41 packets, 3740 bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 41 packets, 3740 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 MARK all -- * * 0.0.0.0/0 0.0.0.0/0
MARK and 0xffff00ff
Chain OUTPUT (policy ACCEPT 46 packets, 4880 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 34 packets, 3872 bytes)
pkts bytes target prot opt in out source destination
I'm not sure where that one line FORWARD MARK rule is coming from, but
ultimately Shorewall is still wiping out what another application had
put into the mangle table.
I don't want Shorewall touching the mangle table at all. Possible?
Cheers,
b.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
