Re: [PATCH] Introducing socket mark socket option
From: Patrick McHardy <hidden>
Date: 2008-01-23 14:19:51
Also in:
linux-arch, netfilter-devel
Laszlo Attila Toth wrote:
A userspace program may wish to set the mark for each packets its send without using the netfilter MARK target. Changing the mark can be used mark based routing without netfilter or for packet filtering. It requires CAP_NET_ADMIN capability.
quoted hunk ↗ jump to hunk
@@ -403,6 +403,7 @@ static void icmp_reply(struct icmp_bxm *icmp_param, struct sk_buff *skb) { .daddr = daddr, .saddr = rt->rt_spec_dst, .tos = RT_TOS(ip_hdr(skb)->tos) } }, + .mark = sk->sk_mark,
This is useless, the icmp socket is not visible to userspace.
quoted hunk ↗ jump to hunk
--- a/net/ipv4/ip_output.c +++ b/net/ipv4/ip_output.c
> ... What about IPv6?