Re: RFC3168, section 6.1.1.1 - ECN and retransmit of SYN

Valdis.Kletnieks@vt.edu
Fri, 21 Feb 2003 17:05:41 -0500


On Fri, 21 Feb 2003 23:43:58 +0200, Mika Liljeberg said:

> That's right. Unfortunately, the way most people *will* deal with it is
> by turning ECN off permanently and forgetting about it. That won't help
> ECN become widely adopted.

That's what I'm trying to avoid doing. ;)

(As an aside, yes, the URL to the previous marc.theaimsgroup thread *is*
what I'm talking about).

It turns out that I *CAN* do it all with iptables *IF* the following
untested code actually works (this assumes that mangle is re-called on
a retransmit):

# If we've already marked this packet, strip/log/send...
iptables -t mangle -A OUTPUT -p tcp --syn -m mark --mark 99 -j ECN --ecn-tcp-remove
iptables -t mangle -A OUTPUT -p tcp --syn -m mark --mark 99 -j LOG
iptables -t mangle -A OUTPUT -p tcp --syn -m mark --mark 99 -j ACCEPT
# Else tag it - if it makes it on the first try, good. If not, re-enter above
iptables -t mangle -A OUTPUT -p tcp --syn -j MARK --set-mark 99

Does the mangle/output chain get called again for a retransmitted
packet, or only once?

/Valdis
