Where is the iptables MARK location in my case?
In my Server, I emptied all the iptables rules, and then add below rule:
iptables -t mangle -N DIVERT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT
I can check it:
[root@localhost go-tproxy]# iptables -n -L -t mangle
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DIVERT tcp -- 0.0.0.0/0 0.0.0.0/0 socket
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
Chain DIVERT (1 references)
target prot opt source destination
MARK all -- 0.0.0.0/0 0.0.0.0/0 MARK set 0x1
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
You see the MARK set 0x1
tag in rules,
and then I useping www.demo.com
and `curl -vo 1 'https://google.com' to test the data. and I capture the packages by wireshark, you can check:
https://github.com/moonshineBoy/paste...
I didn't find the location of the MARK set 0x1 in capture-https.pcapng
, please tell me where is the MARK location.