[vserver] how to recognise packets generated inside a guest

From: Giovanni Di Stasi <gdistasi_at_gmail.com>
Date: Tue 22 Jan 2008 - 09:35:18 GMT
Message-Id: <200801221035.18403.gdistasi@gmail.com>

Hi everyone,
I need to recognise packets generated inside a host, so that I can apply some
iptables rules to them.

I seem to remember that packets generated by a host are marked, so that they
can be recognised by "-m connmark --mark" of iptables. However I did some
tests using the nid of the guest as mark, but packets didn't get caught.

Second question: I also need to capture the packets (still generated inside a
guest) with an "ip rule" rule, in order to route those packets with a
different routing table. Does the mark apply in this case?

Received on Tue Jan 22 09:35:35 2008
