2

I have some custom VPN code, written in C, which uses a Linux tun device.

Is it possible for this user-space code to see iptables marks that were attached to packets? Or do those marks not propagate as far as a tun interface?

fadedbee
  • 42,671
  • 44
  • 178
  • 308
  • My 2 cents: you may try iptables "NFLOG" rules on tun device to explicitly send packets to userspace for further analyzing http://ipset.netfilter.org/iptables-extensions.man.html#lbDI –  Jul 17 '19 at 10:31

0 Answers0