How use -j MARK in the iptables from the SLES11SP1 ?

SUSE Product Topics SLES Configure-Administer
1

before SP1 for SLES11 was:
modprobe ipt_MARK
/sbin/ip route add default via 195.184.209.241 dev vlan107 table
todipt
/sbin/ip rule add fwmark 0x21 lookup todipt

/usr/sbin/iptables -t mangle -I PREROUTING -i $LINT -s 172.16.16.184 -j
MARK --set-mark 0x21

After apply SP1 for SLES11 this construction has stopped operation !!!
Probably that has stopped to work marking of packets…

Which one module need use in the iptables for “-j MARK” in the
SLES11SP1 ?

Serg


skoltogyan

skoltogyan’s Profile: http://forums.novell.com/member.php?userid=9261
View this thread: http://forums.novell.com/showthread.php?t=444541

2

skoltogyan,

It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.

Has your problem been resolved? If not, you might try one of the following options:

  • Visit http://support.novell.com and search the knowledgebase and/or check all
    the other self support options and support programs available.
  • You could also try posting your message again. Make sure it is posted in the
    correct newsgroup. (http://forums.novell.com)

Be sure to read the forum FAQ about what to expect in the way of responses:
http://forums.novell.com/faq.php

If this is a reply to a duplicate posting, please ignore and accept our apologies
and rest assured we will issue a stern reprimand to our posting bot.

Good luck!

Your Novell Product Support Forums Team
http://forums.novell.com/

3

On Mon, 12 Sep 2011 07:06:02 GMT
skoltogyan skoltogyan@no-mx.forums.novell.com wrote:
[color=blue]

before SP1 for SLES11 was:
modprobe ipt_MARK
/sbin/ip route add default via 195.184.209.241 dev vlan107 table
todipt
/sbin/ip rule add fwmark 0x21 lookup todipt

/usr/sbin/iptables -t mangle -I PREROUTING -i $LINT -s 172.16.16.184
-j MARK --set-mark 0x21

After apply SP1 for SLES11 this construction has stopped operation !!!
Probably that has stopped to work marking of packets…

Which one module need use in the iptables for “-j MARK” in the
SLES11SP1 ?

Serg

[/color]
Hi
There is no module ipt_MARK, there is however xt_MARK with an alias of
ipt_MARK.
[/CODE]
modinfo xt_MARK
filename: /lib/modules/2.6.32.45-0.3-pae/kernel/net/netfilter/xt_MARK.ko
alias: ip6t_MARK
alias: ipt_MARK
description: Xtables: packet mark modification
author: Marc Boucher marc@mbsi.ca
license: GPL
srcversion: F6BCAA87AE9351361D8D73C
depends: x_tables
supported: yes
vermagic: 2.6.32.45-0.3-pae SMP mod_unload modversions 686
[/CODE]


Cheers Malcolm °¿° (Linux Counter #276890)
openSUSE 11.4 (x86_64) Kernel 2.6.37.6-0.7-desktop
up 3 days 19:50, 4 users, load average: 0.16, 0.27, 0.34
GPU GeForce 8600 GTS Silent - Driver Version: 280.13

4

Hi,
Your recommendation to use xt_MARK instead of ipt_MARK after update to
SLES11SP1?

Serg


amaltsev1

amaltsev1’s Profile: http://forums.novell.com/member.php?userid=8964
View this thread: http://forums.novell.com/showthread.php?t=444541

5

On Mon, 19 Sep 2011 07:16:01 GMT
amaltsev1 amaltsev1@no-mx.forums.novell.com wrote:
[color=blue]

Hi,
Your recommendation to use xt_MARK instead of ipt_MARK after update to
SLES11SP1?

Serg

[/color]
Hi
No was pointing out that it aliases to the xt_mark module, there were
some issues with the older iptables…

@OP so what is the error your seeing or it just doesn’t work as
expected?


Cheers Malcolm °¿° (Linux Counter #276890)
openSUSE 11.4 (x86_64) Kernel 2.6.37.6-0.7-desktop
up 6 days 16:13, 3 users, load average: 0.01, 0.10, 0.14
GPU GeForce 8600 GTS Silent - Driver Version: 280.13

6

malcolmlewis;2138547 Wrote:[color=blue]

On Mon, 19 Sep 2011 07:16:01 GMT
amaltsev1 amaltsev1@no-mx.forums.novell.com wrote:
[color=green]

Hi,
Your recommendation to use xt_MARK instead of ipt_MARK after update[/color]
to[color=green]
SLES11SP1?

Serg

[/color]
Hi
No was pointing out that it aliases to the xt_mark module, there were
some issues with the older iptables…

@OP so what is the error your seeing or it just doesn’t work as
expected?


Cheers Malcolm °¿° (Linux Counter #276890)
openSUSE 11.4 (x86_64) Kernel 2.6.37.6-0.7-desktop
up 6 days 16:13, 3 users, load average: 0.01, 0.10, 0.14
GPU GeForce 8600 GTS Silent - Driver Version: 280.13[/color]

before SP1 for SLES11 was:
modprobe ipt_MARK
/sbin/ip route add default via 195.184.209.241 dev vlan107 table
todipt
/sbin/ip rule add fwmark 0x21 lookup todipt

/usr/sbin/iptables -t mangle -I PREROUTING -i $LINT -s 172.16.16.184 -j
MARK --set-mark 0x21

After apply SP1 for SLES11 this construction has stopped operation !!!
Probably that has stopped to work marking of packets…

Serg


skoltogyan

skoltogyan’s Profile: http://forums.novell.com/member.php?userid=9261
View this thread: http://forums.novell.com/showthread.php?t=444541