> It turns out that I *CAN* do it all with iptables *IF* the following
> untested code actually works (this assumes that mangle is re-called on
> a retransmit)
>
> # If we've already marked this packet, strip/log/send...
> iptables -t mangle -A OUTPUT -p tcp --syn -m mark --mark 99 --ecn-tcp-remove
iptables -t mangle -A OUTPUT -p tcp --syn -m mark --mark 99 -j ECN \
--ecn-tcp-remove
> iptables -t mangle -A OUTPUT -p tcp --syn -m mark --mark 99 -j LOG
> iptables -t mangle -A OUTPUT -p tcp --syn -m mark --mark 99 -j ACCEPT
> # Else tag it - if it makes it on the first try, good. If not, re-enter above
> iptables -t mangle -A OUTPUT -p tcp --syn -m mark --set-mark 99
>
> Does the mangle/output chain get called again for a retransmitted
> packet, or only once?
For every retransmitted packet.
> /Valdis
Maciej
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Feb 23 2003 - 22:00:34 EST