Dear Victor, When I set 1/1 mark for repeat mode whole traffic comes through the "iptables -A INPUT -p tcp -m mark --mark 0x1/0x1 -m tcp --dport 80 -j ACCEPT" rule. That does not make any sense for "mark" feature... 2012/7/10 Victor Julien <victor at inliniac.net>: > You can't set marks in rules if your not receiving packet. Did you try > my suggestion?