I have this Linux 2.4.20 box that does SNAT for the LAN.
To do some traffic control some packets are marked in the PREROUTING
chain in the mangle table:
$IPT -t mangle -A PREROUTING -i $DEV -m mac \
--mac-source 00:08:02:A3:84:B9 -j MARK --set-mark 99
What bothers me is that the counter in PREROUTING tends to grow faster
than the similar "-j ACCEPT"-rule in FORWARD.
I'd very much like to dump packets with tcpdump (or perhaps similar)
selecting on the fwmark so I can see what gets through and what does not.
How do I make tcpdump select on fwmark?
(RTFM, I do not find anything that looks like a solution in 'man
tcpdump', but then again I'm not a shark in this field.)
Mvh. / Best regards,
S* Suder <http://www.veryComputer.com/;
ICQ UIN 4133803