Marks "1-3" are used for marking source-natted packets on the
interfaces and 4 up to 6 for TOS and QOS. The mark "32" is used by IPsec.
See commit:
f5ad510e3c0f416a1507999f5ad20ab171df9c07
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
nfq:
mode: repeat
- repeat-mark: 2
- repeat-mask: 2
+ repeat-mark: 16
+ repeat-mask: 16
# bypass-mark: 1
# bypass-mask: 1
# route-queue: 2
network_zones=( red green blue orange )
# Mark and Mask options.
-MARK="0x2"
-MASK="0x2"
+MARK="0x16"
+MASK="0x16"
# PID file of suricata.
PID_FILE="/var/run/suricata.pid"