diff options
| author | slioch <slioch@eng-140.vyatta.com> | 2009-06-17 12:53:38 -0700 |
|---|---|---|
| committer | slioch <slioch@eng-140.vyatta.com> | 2009-06-17 12:53:38 -0700 |
| commit | 02c414300e38d2c354bc74353328f7b456be2e24 (patch) | |
| tree | 04d192dd5883d9bfc1cb5d8c475ab24b5eed9f3b /src/lbdecision.cc | |
| parent | e0de322e2abdbcde8ee6d46f54edb4702d2dae5b (diff) | |
| download | vyatta-wanloadbalance-02c414300e38d2c354bc74353328f7b456be2e24.tar.gz vyatta-wanloadbalance-02c414300e38d2c354bc74353328f7b456be2e24.zip | |
filter on output table for packets already marked in the prerouting table
Diffstat (limited to 'src/lbdecision.cc')
| -rw-r--r-- | src/lbdecision.cc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/lbdecision.cc b/src/lbdecision.cc index 7b76f7b..fcc19d0 100644 --- a/src/lbdecision.cc +++ b/src/lbdecision.cc @@ -236,6 +236,7 @@ LBDecision::run(LBData &lb_data) //then if we do, flush all execute("iptables -t mangle -F PREROUTING", stdout); execute("iptables -t mangle -F OUTPUT", stdout); + execute("iptables -t mangle -A OUTPUT -m connmark ! --mark 0 -j ACCEPT", stdout); //avoid packets set in prerouting table //new request, bug 4112. flush conntrack tables if configured if (lb_data._flush_conntrack == true) { |