From: Phil Sutter Date: Tue, 19 May 2020 23:00:57 +0000 (+0200) Subject: doc: libxt_MARK: OUTPUT chain is fine, too X-Git-Tag: v1.8.5~4 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7f0a69c8fe78da130cc52ea9fc35ffb9cbc2b8ef;p=thirdparty%2Fiptables.git doc: libxt_MARK: OUTPUT chain is fine, too In order to route packets originating from the host itself based on fwmark, mangle table's OUTPUT chain must be used. Mention this chain as alternative to PREROUTING. Fixes: c9be7f153f7bf ("doc: libxt_MARK: no longer restricted to mangle table") Signed-off-by: Phil Sutter --- diff --git a/extensions/libxt_MARK.man b/extensions/libxt_MARK.man index 712fb76f..b2408597 100644 --- a/extensions/libxt_MARK.man +++ b/extensions/libxt_MARK.man @@ -1,7 +1,7 @@ This target is used to set the Netfilter mark value associated with the packet. It can, for example, be used in conjunction with routing based on fwmark (needs -iproute2). If you plan on doing so, note that the mark needs to be set in the -PREROUTING chain of the mangle table to affect routing. +iproute2). If you plan on doing so, note that the mark needs to be set in +either the PREROUTING or the OUTPUT chain of the mangle table to affect routing. The mark field is 32 bits wide. .TP \fB\-\-set\-xmark\fP \fIvalue\fP[\fB/\fP\fImask\fP]