|
version 1.1.1.1, 2013/07/29 19:37:40
|
version 1.1.1.2, 2021/03/17 00:56:46
|
|
Line 13 connection comes out of the other side. However, some
|
Line 13 connection comes out of the other side. However, some
|
| maintain that relationship through the proxy and continue the connection |
maintain that relationship through the proxy and continue the connection |
| mark on packets upstream of our proxy |
mark on packets upstream of our proxy |
| |
|
| DNSMasq includes such a feature enabled by the --conntrack | Dnsmasq includes such a feature enabled by the --conntrack |
| option. This allows, for example, using iptables to mark traffic from |
option. This allows, for example, using iptables to mark traffic from |
| a particular IP, and that mark to be persisted to requests made *by* |
a particular IP, and that mark to be persisted to requests made *by* |
| DNSMasq. Such a feature could be useful for bandwidth accounting, | Dnsmasq. Such a feature could be useful for bandwidth accounting, |
| captive portals and the like. Note a similar feature has been |
captive portals and the like. Note a similar feature has been |
| implemented in Squid 2.2 |
implemented in Squid 2.2 |
| |
|
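Review bot: the new spelling keeps a capital D mid-sentence in "requests made *by* Dnsmasq", while the project name is normally written lowercase as "dnsmasq", matching the binary that takes the --conntrack option named in the same paragraph. Suggest lowercase everywhere except at the start of a sentence, so the README uses one spelling. While this paragraph is being touched, "and that mark to be persisted" in the unchanged context would read more clearly as "and for that mark to be persisted".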
|
Line 40 on IP address. 3) Saves the firewall mark back to the
|
Line 40 on IP address. 3) Saves the firewall mark back to the
|
| (which will persist it across related packets) |
(which will persist it across related packets) |
| |
|
| 4) is applied to the OUTPUT table, which is where we first see packets |
4) is applied to the OUTPUT table, which is where we first see packets |
| generated locally. DNSMasq will have already copied the firewall mark | generated locally. Dnsmasq will have already copied the firewall mark |
| from the request, across to the new packet, and so all that remains is |
from the request, across to the new packet, and so all that remains is |
| for iptables to copy it to the connection mark so it's persisted across |
for iptables to copy it to the connection mark so it's persisted across |
| packets. |
packets. |
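Review bot: the context line "4) is applied to the OUTPUT table" calls OUTPUT a table, but in iptables OUTPUT is a chain. Since this paragraph is already being edited for the Dnsmasq spelling, suggest changing it to "the OUTPUT chain" so a reader reproducing the rule does not look for a table of that name. The comma in "from the request, across to the new packet" can also be dropped.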