On 22.03.2012 07:06, Henrik Nordström wrote:
> ons 2012-03-21 klockan 12:32 +1300 skrev Amos Jeffries:
>
>> The UDS packets comes to mind, but that is a different PF_* family
>> type. I stopped looking at that point.
>>
>> It could be the packet MARK lookups which are done through
>> libnetfilter-*. I have very little idea how that library works
>> internally.
>
> Packet MARK or connection MARK?
>
> Packet MARK should be available via normal getsockopt, if at all..
>
> connection MARK needs a netfilter netlink request via
> libnetfilter-conntrack.
In that case. connection MARK. I didn't realise there were two, its was
apparently changeable half-way through a flow which made me think it was
packets-based.
>
> Regards
> Henrik
> who incidently happens to be original author of netfilter CONNMARK
> some
> generations ago, long before there was netlink support for querying
> conntrack like this
Well done. Its a great feature.
Amos
Received on Wed Mar 21 2012 - 21:21:39 MDT
This archive was generated by hypermail 2.2.0 : Thu Mar 22 2012 - 12:00:06 MDT