retitle 521827 doesn't support !mark in connmark or MARK filters thanks The same applies to the mark keyword of the 'MARK' match. Here's the complete patch:
------------------------------------------------------------ diff --git a/src/ferm b/src/ferm index 4845cfe..89dcaca 100755 --- a/src/ferm +++ b/src/ferm @@ -234,7 +234,7 @@ add_match_def 'comment', qw(comment=s); add_match_def 'condition', qw(condition!); add_match_def 'connbytes', qw(!connbytes connbytes-dir connbytes-mode); add_match_def 'connlimit', qw(!connlimit-above connlimit-mask); -add_match_def 'connmark', qw(mark); +add_match_def 'connmark', qw(!mark); add_match_def 'conntrack', qw(ctstate=c ctproto ctorigsrc! ctorigdst!), qw(ctreplsrc! ctrepldst! ctstatus ctexpire=s); add_match_def 'dscp', qw(dscp dscp-class); @@ -254,7 +254,7 @@ add_match_def 'ipv6header', qw(header!=c soft*0); add_match_def 'length', qw(length!); add_match_def 'limit', qw(limit=s limit-burst=s); add_match_def 'mac', qw(mac-source!); -add_match_def 'mark', qw(mark); +add_match_def 'mark', qw(!mark); add_match_def 'multiport', qw(source-ports!&multiport_params), qw(destination-ports!&multiport_params ports!&multiport_params); add_match_def 'nth', qw(every counter start packet); ------------------------------------------------------------ -- dam JabberID: d...@jabber.minus273.org
signature.asc
Description: Digital signature
