1*a71a9546SAutomerger Merge WorkerThis module sets the netfilter mark value associated with a connection. The 2*a71a9546SAutomerger Merge Workermark is 32 bits wide. 3*a71a9546SAutomerger Merge Worker.TP 4*a71a9546SAutomerger Merge Worker\fB\-\-set\-xmark\fP \fIvalue\fP[\fB/\fP\fImask\fP] 5*a71a9546SAutomerger Merge WorkerZero out the bits given by \fImask\fP and XOR \fIvalue\fP into the ctmark. 6*a71a9546SAutomerger Merge Worker.TP 7*a71a9546SAutomerger Merge Worker\fB\-\-save\-mark\fP [\fB\-\-nfmask\fP \fInfmask\fP] [\fB\-\-ctmask\fP \fIctmask\fP] 8*a71a9546SAutomerger Merge WorkerCopy the packet mark (nfmark) to the connection mark (ctmark) using the given 9*a71a9546SAutomerger Merge Workermasks. The new nfmark value is determined as follows: 10*a71a9546SAutomerger Merge Worker.IP 11*a71a9546SAutomerger Merge Workerctmark = (ctmark & ~ctmask) ^ (nfmark & nfmask) 12*a71a9546SAutomerger Merge Worker.IP 13*a71a9546SAutomerger Merge Workeri.e. \fIctmask\fP defines what bits to clear and \fInfmask\fP what bits of the 14*a71a9546SAutomerger Merge Workernfmark to XOR into the ctmark. \fIctmask\fP and \fInfmask\fP default to 15*a71a9546SAutomerger Merge Worker0xFFFFFFFF. 16*a71a9546SAutomerger Merge Worker.TP 17*a71a9546SAutomerger Merge Worker\fB\-\-restore\-mark\fP [\fB\-\-nfmask\fP \fInfmask\fP] [\fB\-\-ctmask\fP \fIctmask\fP] 18*a71a9546SAutomerger Merge WorkerCopy the connection mark (ctmark) to the packet mark (nfmark) using the given 19*a71a9546SAutomerger Merge Workermasks. The new ctmark value is determined as follows: 20*a71a9546SAutomerger Merge Worker.IP 21*a71a9546SAutomerger Merge Workernfmark = (nfmark & ~\fInfmask\fP) ^ (ctmark & \fIctmask\fP); 22*a71a9546SAutomerger Merge Worker.IP 23*a71a9546SAutomerger Merge Workeri.e. \fInfmask\fP defines what bits to clear and \fIctmask\fP what bits of the 24*a71a9546SAutomerger Merge Workerctmark to XOR into the nfmark. \fIctmask\fP and \fInfmask\fP default to 25*a71a9546SAutomerger Merge Worker0xFFFFFFFF. 26*a71a9546SAutomerger Merge Worker.IP 27*a71a9546SAutomerger Merge Worker\fB\-\-restore\-mark\fP is only valid in the \fBmangle\fP table. 28*a71a9546SAutomerger Merge Worker.PP 29*a71a9546SAutomerger Merge WorkerThe following mnemonics are available for \fB\-\-set\-xmark\fP: 30*a71a9546SAutomerger Merge Worker.TP 31*a71a9546SAutomerger Merge Worker\fB\-\-and\-mark\fP \fIbits\fP 32*a71a9546SAutomerger Merge WorkerBinary AND the ctmark with \fIbits\fP. (Mnemonic for \fB\-\-set\-xmark 33*a71a9546SAutomerger Merge Worker0/\fP\fIinvbits\fP, where \fIinvbits\fP is the binary negation of \fIbits\fP.) 34*a71a9546SAutomerger Merge Worker.TP 35*a71a9546SAutomerger Merge Worker\fB\-\-or\-mark\fP \fIbits\fP 36*a71a9546SAutomerger Merge WorkerBinary OR the ctmark with \fIbits\fP. (Mnemonic for \fB\-\-set\-xmark\fP 37*a71a9546SAutomerger Merge Worker\fIbits\fP\fB/\fP\fIbits\fP.) 38*a71a9546SAutomerger Merge Worker.TP 39*a71a9546SAutomerger Merge Worker\fB\-\-xor\-mark\fP \fIbits\fP 40*a71a9546SAutomerger Merge WorkerBinary XOR the ctmark with \fIbits\fP. (Mnemonic for \fB\-\-set\-xmark\fP 41*a71a9546SAutomerger Merge Worker\fIbits\fP\fB/0\fP.) 42*a71a9546SAutomerger Merge Worker.TP 43*a71a9546SAutomerger Merge Worker\fB\-\-set\-mark\fP \fIvalue\fP[\fB/\fP\fImask\fP] 44*a71a9546SAutomerger Merge WorkerSet the connection mark. If a mask is specified then only those bits set in the 45*a71a9546SAutomerger Merge Workermask are modified. 46*a71a9546SAutomerger Merge Worker.TP 47*a71a9546SAutomerger Merge Worker\fB\-\-save\-mark\fP [\fB\-\-mask\fP \fImask\fP] 48*a71a9546SAutomerger Merge WorkerCopy the nfmark to the ctmark. If a mask is specified, only those bits are 49*a71a9546SAutomerger Merge Workercopied. 50*a71a9546SAutomerger Merge Worker.TP 51*a71a9546SAutomerger Merge Worker\fB\-\-restore\-mark\fP [\fB\-\-mask\fP \fImask\fP] 52*a71a9546SAutomerger Merge WorkerCopy the ctmark to the nfmark. If a mask is specified, only those bits are 53*a71a9546SAutomerger Merge Workercopied. This is only valid in the \fBmangle\fP table. 54