LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Old 09-02-2015, 07:34 PM   #1
hebothu
LQ Newbie
Registered: Sep 2015
Posts: 1

I cannot find my mark after using "iptables --set-mark"


My machine has two network interfaces, one is wired (eth0) and the other one is wireless (wlan0). The wired one cannot connect to any external NTP server because there is a firewall outside. The wireless one has no such constraint.

Therefore, I want to route all NTP traffic to wlan0. As far as I know, NTP traffic goes through UDP port 123. What I have done is described below.

Code:
# Add a named routing table (the redirect must run as root, so use tee)
$ echo "201 ntp.out" | sudo tee -a /etc/iproute2/rt_tables
# Default route for that table goes out the wireless interface
$ sudo ip route add default via 100.75.0.1 dev wlan0 table ntp.out

$ sudo sysctl -w net.ipv4.tcp_fwmark_accept=1
# Mark NTP packets in the mangle table: inbound by destination port, outbound by source port
$ sudo iptables -t mangle -I PREROUTING -p udp --dport 123 -j MARK --set-mark 0xfefa
$ sudo iptables -t mangle -I OUTPUT -p udp --sport 123 -j MARK --set-mark 0xfefa
# Marked packets are routed with the ntp.out table
$ sudo ip rule add fwmark 0xfefa lookup ntp.out
However, it doesn't work. I used Wireshark to track the UDP:123 packets, and found that there is no mark "fefa" in the packets.

BTW, I set net.ipv4.tcp_fwmark_accept rather than net.ipv4.udp_fwmark_accept, because there is no net.ipv4.udp_fwmark_accept defined. I also tried to mark TCP packets, but still could not find the mark in those packets.

Could anybody help me solve the problem? I'm using Ubuntu 14.04 LTS.

Last edited by hebothu; 09-02-2015 at 07:35 PM.
Old 09-04-2015, 10:22 AM   #2
rknichols
Senior Member
Registered: Aug 2009
Distribution: CentOS
Posts: 4,329

The mark is not part of the actual packet, so you will never see it with Wireshark.
Quote from https://www.frozentux.net/iptables-t...tml/x4389.html:
"Note that the mark value is not set within the actual package, but is a value that is associated within the kernel with the packet. In other words, you can not set a MARK for a packet and then expect the MARK still to be there on another host. If this is what you want, you will be better off with the TOS target which will mangle the TOS value in the IP header."

Last edited by rknichols; 09-04-2015 at 10:29 AM. Reason: Add quote from iptables tutorial
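Since the mark lives only in the kernel, the place to confirm it is the kernel's own view: the packet counters on the MARK rule, the `ip rule` entry that binds the mark to the table, and the routing decision `ip route get ADDRESS mark MARK` reports. The following script is an added example, not code from the thread; it parses those three outputs and reports what is missing. The command outputs embedded in it are constructed to match the poster's setup (table ntp.out, mark 0xfefa, gateway 100.75.0.1), and the destination 203.0.113.10 and the wlan0 address 100.75.0.7 are made-up values.

```python
"""Check an iptables fwmark / policy-routing setup from the kernel's point of view.

Added example (not from the thread). The mark is kernel metadata, so the checks
read rule counters and the routing decision instead of captured packets.
"""
import re
import shutil
import subprocess

MARK = 0xfefa       # mark value from the thread
TABLE = "ntp.out"   # routing table from the thread
WANT_DEV = "wlan0"  # interface the marked traffic should leave on

# Constructed sample of `iptables -t mangle -L OUTPUT -v -n -x` with live counters.
SAMPLE_MANGLE_OUTPUT = """\
Chain OUTPUT (policy ACCEPT 1182 packets, 97214 bytes)
    pkts      bytes target     prot opt in     out     source               destination
      37     2812 MARK       udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp spt:123 MARK set 0xfefa
"""

# Constructed sample of `ip rule show`.
SAMPLE_IP_RULE = """\
0:\tfrom all lookup local
32765:\tfrom all fwmark 0xfefa lookup ntp.out
32766:\tfrom all lookup main
32767:\tfrom all lookup default
"""

# Constructed sample of `ip route get 203.0.113.10 mark 0xfefa` (203.0.113.10 is a documentation address).
SAMPLE_ROUTE_GET = "203.0.113.10 via 100.75.0.1 dev wlan0 table ntp.out src 100.75.0.7 mark 0xfefa uid 0\n"


def mark_rule_hits(iptables_text, mark=MARK):
    """Sum the packet counters of MARK rules that set `mark`; None if no such rule exists."""
    pat = re.compile(r"^\s*(\d+)\s+\d+\s+MARK\b.*\bMARK set 0x([0-9a-f]+)\s*$", re.I | re.M)
    hits = None
    for pkts, value in pat.findall(iptables_text):
        if int(value, 16) == mark:
            hits = (hits or 0) + int(pkts)
    return hits


def rule_table_for_mark(ip_rule_text, mark=MARK):
    """Return the table name the `ip rule` entry for `mark` looks up, or None."""
    pat = re.compile(r"fwmark 0x([0-9a-f]+)(?:/0x[0-9a-f]+)? lookup (\S+)", re.I)
    for m in pat.finditer(ip_rule_text):
        if int(m.group(1), 16) == mark:
            return m.group(2)
    return None


def _field(text, key):
    """Pull the value following `key` in iproute2 output, or None."""
    m = re.search(r"\b%s (\S+)" % re.escape(key), text)
    return m.group(1) if m else None


def route_decision(route_get_text):
    """Extract (device, table, source address) from `ip route get` output; table defaults to main."""
    return (_field(route_get_text, "dev"), _field(route_get_text, "table") or "main",
            _field(route_get_text, "src"))


def diagnose(iptables_text, ip_rule_text, route_get_text, mark=MARK, table=TABLE, want_dev=WANT_DEV):
    """Return a list of findings; an empty list means the mark and the rule both take effect."""
    findings = []
    hits = mark_rule_hits(iptables_text, mark)
    if hits is None:
        findings.append(f"no MARK rule setting 0x{mark:x} in mangle OUTPUT")
    elif hits == 0:
        findings.append("MARK rule present but has matched 0 packets: check the port match")
    if rule_table_for_mark(ip_rule_text, mark) != table:
        findings.append(f"no `ip rule` entry sending fwmark 0x{mark:x} to table {table}")
    dev, tbl, src = route_decision(route_get_text)
    if dev != want_dev or tbl != table:
        findings.append(f"marked traffic would use table {tbl} via {dev}, expected {table} via {want_dev}")
    if src is None:
        findings.append("routing decision reports no source address")
    return findings


def collect_live():
    """Run the real commands (iptables needs root); return None if they are unavailable."""
    if shutil.which("iptables") is None or shutil.which("ip") is None:
        return None
    run = lambda *argv: subprocess.run(argv, capture_output=True, text=True, check=True).stdout
    try:
        return (run("iptables", "-t", "mangle", "-L", "OUTPUT", "-v", "-n", "-x"),
                run("ip", "rule", "show"),
                run("ip", "route", "get", "203.0.113.10", "mark", hex(MARK)))
    except (subprocess.CalledProcessError, OSError):
        return None


if __name__ == "__main__":
    outputs = collect_live() or (SAMPLE_MANGLE_OUTPUT, SAMPLE_IP_RULE, SAMPLE_ROUTE_GET)
    for line in diagnose(*outputs) or ["fwmark policy routing looks healthy"]:
        print(line)
```

Two things the counters and `ip route get` tell you that a capture never will: whether the packets actually hit the MARK rule (a zero counter points at the port match, for example a client that sends from a random source port rather than 123), and which source address the kernel picks for the marked packets. If `src` comes out as the eth0 address, the reply will not come back over wlan0; pin it with `src` on the route in the ntp.out table or masquerade on wlan0 in the nat POSTROUTING chain.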