Set mark to 0 from libnetfilter

Thread: Set mark to 0 from libnetfilter_conntrack

Search this list only Search all lists
Set mark to 0 from libnetfilter_conntrack
	2006-10-25 18:38:18
Hi, Damien Boucard from INL has discovered a bug in libnetfilter_conntrack : Mark can not be set to 0. After looking at the code I've found that we only change the mark if it is not set to 0 : if (ct->mark != 0) nfnl_addattr_l(&req->nlh, sizeof(buf), CTA_MARK, &mark, sizeof(u_int32_t)); What's the cleanest way to solve this. I don't see any mean to correct this except adding an IPS_CHANGE_MARK flag. Proposed patch is attached to the mail. BR, -- Eric Leblond <ericinl.fr> INL

[1]