how can i identify the icmp packet ?.

[saravanang86]

Hi.,
how to identify the icmp packets & marking .....
this below icmp packets marking is not working....

iptables -t mangle -A PREROUTING -p icmp -j MARK --set-mark 0x5
iptables -t mangle -A PREROUTING -p icmp -j RETURN

with the help of port no or any other how can i identify the icmp packet ?...

This below two is working fine
iptables -t mangle -A PREROUTING -p tcp -j MARK --set-mark 0x2
iptables -t mangle -A PREROUTING -p tcp -j RETURN


iptables -t mangle -A PREROUTING -p udp -j MARK --set-mark 0x3
iptables -t mangle -A PREROUTING -p udp -j RETURN
Regads
Saravanan G

[Kloschüssel]

What makes you believe it doesn't work? Have you checked the rule counter while you were generating ping packets? I can't see any error here:

iptables -t mangle -A PREROUTING -p icmp -j MARK --set-mark 0x5
iptables -t mangle -A PREROUTING -p icmp -j RETURN

But you may have a strangely obstructed prerouting table. Please post:

Code:

iptables -L

You may should also consider to mark only a strict subset of all icmp messages. Maybe only the ones with type 8 and 0 (echo request, echo reply). Furthermore a final rule that marks all messages that were not marked yet could be helpful for debugging purposes. In that case you could see the rule counter increasing when packets are not correctly marked by other rules:

Code:

iptables -t mangle -A PREROUTING -j MARK --set-mark 0x15