Patch90523: linux-2.6-523-raw-sockets.patch
Patch90524: linux-2.6-524-peercred.patch
Patch90525: linux-2.6-525-sknid-elevator.patch
-#
-#Patch90527: linux-2.6-527-iptables-classify-add-mark.patch
-#
+Patch90527: linux-2.6-527-iptables-classify-add-mark.patch
Patch90530: linux-2.6-530-built-by-support.patch
# /proc/sys/vm/panic_on_oom ?
#Patch90540: linux-2.6-540-oom-kill.patch
ApplyPatch linux-2.6-523-raw-sockets.patch
ApplyPatch linux-2.6-524-peercred.patch
ApplyPatch linux-2.6-525-sknid-elevator.patch
-#
-#ApplyPatch linux-2.6-527-iptables-classify-add-mark.patch
-#
+ApplyPatch linux-2.6-527-iptables-classify-add-mark.patch
ApplyPatch linux-2.6-530-built-by-support.patch
#ApplyPatch linux-2.6-540-oom-kill.patch
ApplyPatch linux-2.6-550-raise-default-nfile-ulimit.patch
--- /dev/null
+commit 7645485eee60c03a4cbc0139d4848c6b8bf1ad39
+Author: root <root@rhel6.(none)>
+Date: Thu Apr 29 18:34:50 2010 -0400
+
+ linux-2.6-527-iptables-classify-add-mark.patch
+
+diff --git a/include/linux/netfilter/xt_CLASSIFY.h b/include/linux/netfilter/xt_CLASSIFY.h
+index a813bf1..c5cec1d 100644
+--- a/include/linux/netfilter/xt_CLASSIFY.h
++++ b/include/linux/netfilter/xt_CLASSIFY.h
+@@ -5,6 +5,7 @@
+
+ struct xt_classify_target_info {
+ __u32 priority;
++ __u8 add_mark;
+ };
+
+ #endif /*_XT_CLASSIFY_H */
+diff --git a/net/netfilter/xt_CLASSIFY.c b/net/netfilter/xt_CLASSIFY.c
+index 011bc80..5732034 100644
+--- a/net/netfilter/xt_CLASSIFY.c
++++ b/net/netfilter/xt_CLASSIFY.c
+@@ -32,6 +32,8 @@ classify_tg(struct sk_buff *skb, const struct xt_target_param *par)
+ const struct xt_classify_target_info *clinfo = par->targinfo;
+
+ skb->priority = clinfo->priority;
++ if (clinfo->add_mark)
++ skb->priority += skb->mark;
+ return XT_CONTINUE;
+ }
+