mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-08 16:54:10 +01:00
Clear provider mark on OUTPUT traffic
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4650 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
56c0cb2064
commit
96351b327b
@ -97,7 +97,8 @@
|
||||
# #version 2.6.14).
|
||||
#
|
||||
# In all of the above columns except ACTION and CHAIN, the values "-",
|
||||
# "any" and "all" may be used as wildcards
|
||||
# "any" and "all" may be used as wildcards. Omitted trailing columns are
|
||||
# also treated as wildcards.
|
||||
#
|
||||
# Please see http://shorewall.net/Accounting.html for examples and
|
||||
# additional information about how to use this file.
|
||||
|
@ -6,6 +6,8 @@ Changes in 3.3.3
|
||||
|
||||
3) Make the maximum zone name length dependent on LOGFORMAT.
|
||||
|
||||
4) Clear provider marks in POSTROUTING when HIGH_ROUTE_MARKS=Yes.
|
||||
|
||||
Changes in 3.3.1
|
||||
|
||||
1) Load the proxyarp lib when 'proxyarp' option is specified.
|
||||
|
@ -913,7 +913,7 @@ setup_tc1() {
|
||||
fi
|
||||
|
||||
if [ -n "$HIGH_ROUTE_MARKS" ]; then
|
||||
for chain in INPUT FORWARD; do
|
||||
for chain in INPUT FORWARD POSTROUTING; do
|
||||
run_iptables -t mangle -I $chain -j MARK --and-mark 0xFF
|
||||
done
|
||||
fi
|
||||
|
@ -33,7 +33,9 @@ Shorewall 3.3.3
|
||||
|
||||
Problems Corrected in 3.3.3
|
||||
|
||||
None.
|
||||
1) Previously, the 'provider' portion of the packet mark was not being
|
||||
cleared after routing for traffic that originates on the firewall
|
||||
itself.
|
||||
|
||||
Other changes in 3.3.3
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user