set mark for locally generated traffic in OUTPUT chain

author Daniel Golle <daniel@makrotopia.org>

Thu, 28 Apr 2016 12:25:02 +0000 (14:25 +0200)

committer Jo-Philipp Wich <jo@mein.io>

Thu, 28 Apr 2016 14:02:14 +0000 (16:02 +0200)
author Daniel Golle <daniel@makrotopia.org>
Thu, 28 Apr 2016 12:25:02 +0000 (14:25 +0200)
committer Jo-Philipp Wich <jo@mein.io>
Thu, 28 Apr 2016 14:02:14 +0000 (16:02 +0200)
diff --git a/rules.c b/rules.c

index 756c78dc47c9fa11ab4ff7af282ec0e53b70580c..e20442e0629025faa7051fbb3481ef40085d51ee 100644 (file)
--- a/rules.c
+++ b/rules.c
@@ -270,7 +270,7 @@ append_chain(struct fw3_ipt_rule *r, struct fw3_rule *rule)
         {
                 snprintf(chain, sizeof(chain), "zone_%s_notrack", rule->src.name);
         }
-       else if (rule->target == FW3_FLAG_MARK)
+       else if (rule->target == FW3_FLAG_MARK && (rule->_src || rule->src.any))
         {
                 snprintf(chain, sizeof(chain), "PREROUTING");
         }
author	Daniel Golle <daniel@makrotopia.org>
	Thu, 28 Apr 2016 12:25:02 +0000 (14:25 +0200)
committer	Jo-Philipp Wich <jo@mein.io>
	Thu, 28 Apr 2016 14:02:14 +0000 (16:02 +0200)