LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 07-13-2012, 09:45 AM   #1
vlyamtse
Member
 
Registered: Apr 2007
Posts: 51

Rep: Reputation: 15
using --set-mark in iptables to drop packets -?


I learned that iptables can "mark" the packet in the mangle table to change routing decisions for the packet... But what does the "--set-mark" actually change in ip header and can it be used to drop the packet?
Thank you,
-V
 
Old 07-18-2012, 04:13 AM   #2
SuperJediWombat!
Member
 
Registered: Apr 2009
Location: Perth, Australia
Distribution: Ubuntu/CentOS
Posts: 208

Rep: Reputation: 50
--set-mark only marks the packet while it is traversing the network stack within the kernel. It does not change any headers or anything else which means that you will not be able to use the mark to drop the packet once it reaches another box.

You can drop the packet once it reaches the filter table on the same host which market the packet.
 
  


Reply

Tags
iptables, netfilter


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] iptables not getting it to drop packets danoelke Linux - Networking 2 04-19-2012 11:17 AM
drop packets (not iptables) in C / C++ IdealVithVodka Programming 10 05-30-2010 05:37 PM
iptables drop packets as invalid between 2 end-network connected through VPN nass Linux - Server 1 03-05-2010 09:56 AM
drop packets for specific port with iptables ohcarol Linux - Security 1 07-03-2005 10:48 AM
drop incoming/outgoing packets using iptables doshiaj Linux - Security 1 06-08-2004 10:38 AM


All times are GMT -5. The time now is 12:24 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration