set mark for locally generated traffic in OUTPUT chain

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
author: Daniel Golle <daniel@makrotopia.org> 2016-04-28 14:25:02 +0200
committer: Jo-Philipp Wich <jo@mein.io> 2016-04-28 16:02:14 +0200
commit: e92392db91f6eb50288f33ccf63475aa7b9babdd (patch)
tree: 468db1358005303291ce5846d98d544b6bcc8fce
parent: 4e11ee37044dfd09d39054915c23722c48633d60 (diff)
download: firewall3-e92392db91f6eb50288f33ccf63475aa7b9babdd.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/rules.c b/rules.c
index 756c78d..e20442e 100644
--- a/rules.c
+++ b/rules.c
@@ -270,7 +270,7 @@ append_chain(struct fw3_ipt_rule *r, struct fw3_rule *rule)
 	{
 		snprintf(chain, sizeof(chain), "zone_%s_notrack", rule->src.name);
 	}
-	else if (rule->target == FW3_FLAG_MARK)
+	else if (rule->target == FW3_FLAG_MARK && (rule->_src || rule->src.any))
 	{
 		snprintf(chain, sizeof(chain), "PREROUTING");
 	}
author	Daniel Golle <daniel@makrotopia.org>	2016-04-28 14:25:02 +0200
committer	Jo-Philipp Wich <jo@mein.io>	2016-04-28 16:02:14 +0200
commit	e92392db91f6eb50288f33ccf63475aa7b9babdd (patch)
tree	468db1358005303291ce5846d98d544b6bcc8fce
parent	4e11ee37044dfd09d39054915c23722c48633d60 (diff)
download	firewall3-e92392db91f6eb50288f33ccf63475aa7b9babdd.tar.gz