LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page How do I verify marked packets?
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 06-20-2010, 10:08 AM   #1
MikeyCarter
Member
 
Registered: Feb 2003
Location: Orangeville
Distribution: Fedora
Posts: 492

Rep: Reputation: 31
Question How do I verify marked packets?

I'm setting up things like this so that I can send web traffic via different routers. (like: all web requests from internal to outside go via rogers, but any inbound requests to my webserver go via acanac)

-A PREROUTING -p tcp --sport 80 -s 172.29.0.19 -j MARK --set-mark 4


How do I see the mark in tcpdump? how can I send a test package and see which route it takes? How do I verify the rules are working:

ip rule
0: from all lookup local
32763: from all fwmark 0x6 lookup vpn
32764: from all fwmark 0x2 lookup rogers
32765: from all fwmark 0x4 lookup acanac
32766: from all lookup main
32767: from all lookup default
 
Old 06-20-2010, 11:21 AM   #2
MikeyCarter
Member
 
Registered: Feb 2003
Location: Orangeville
Distribution: Fedora
Posts: 492

Original Poster
Rep: Reputation: 31
Lightbulb
Never mind seems I found it. Seems that the outbound packets were not getting marked. I had to add this line for that.

-A OUTPUT -p tcp --sport 80 -s 172.29.0.19 -j MARK --set-mark 4

Edited:

oh ya and added this to figure out out what was going on:

-A OUTPUT -p tcp --sport 80 -j LOG --log-level 4 --log-prefix "firewall debug http: "
Last edited by MikeyCarter; 06-20-2010 at 11:22 AM. Reason: added something.
 
Old 06-20-2010, 11:22 AM   #3
nimnull22
Senior Member
 
Registered: Jul 2009
Distribution: OpenSuse 11.1, Fedora 14, Ubuntu 12.04/12.10, FreeBSD 9.0
Posts: 1,571

Rep: Reputation: 92
You wont see those MARKS by tcpdump. They are for netfilter&kernel. As long as understand those marks even do not go out.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
openssl ssl error code 14090086 verify the CA cert is ok / certificate verify failed acummings Slackware 14 02-27-2009 01:51 AM
RedHat: vi - search results are marked werner78 Linux - Newbie 1 05-24-2006 05:15 AM
Marked vowels and Opera 8.5 gbj SUSE / openSUSE 6 09-22-2005 01:10 AM
marked detoriation in performance! :( irfanhab Slackware 12 12-14-2004 07:35 AM
encapsulating TCP packets in UDP packets... yoshi95 Programming 3 06-03-2004 02:53 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 01:47 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration