extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-04-11 21:08:22 +02:00
Code Issues Packages Projects Releases Wiki Activity

Updates to the Packet Marking doc

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5214 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-01-10 20:01:53 +00:00
parent 75e8e62864
commit 5460c0871a
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
docs/PacketMarking.xml
View File

@ -74,6 +74,13 @@ tcp 6 19 TIME_WAIT src=206.124.146.176 dst=192.136.34.98 sport=58597 dport=
to another system, the packet's mark value is no longer available. to another system, the packet's mark value is no longer available.
Connection mark values, on the other hand, persist for the life of the Connection mark values, on the other hand, persist for the life of the
connection.</para> connection.</para>
<important>
<para>Other parts of the system such as <ulink
url="traffic_shaping.htm">Traffic Shaping</ulink> and <ulink
url="MultiISP.html">Policy Routing</ulink> cannot use connection marks —
they can only use packet marks.</para>
</important>
</section> </section>
<section> <section>
@ -123,7 +130,9 @@ tcp 6 19 TIME_WAIT src=206.124.146.176 dst=192.136.34.98 sport=58597 dport=
<para>POSTROUTING program — Entries with a class-id in the MARK column <para>POSTROUTING program — Entries with a class-id in the MARK column
(and that don't specify $FW in the SOURCE column) are part of the (and that don't specify $FW in the SOURCE column) are part of the
POSTROUTING program. These rules are executed for each packet leaving POSTROUTING program. These rules are executed for each packet leaving
the firewall.</para> the firewall. Entries specifying the ":T" suffix in the MARK column
are also part of the POSTROUTING program (Shorewall version 3.4.0 and
later). </para>
</listitem> </listitem>
<listitem> <listitem>