diff --git a/0026-extensions-SECMARK-Use-a-better-context-in-test-case.patch b/0026-extensions-SECMARK-Use-a-better-context-in-test-case.patch
new file mode 100644
index 0000000..0813ef1
--- /dev/null
+++ b/0026-extensions-SECMARK-Use-a-better-context-in-test-case.patch
@@ -0,0 +1,26 @@
+From 45664de1be104ce9716227a0ad11ef2343ece3df Mon Sep 17 00:00:00 2001
+From: Phil Sutter
+Date: Fri, 16 Jul 2021 21:51:49 +0200
+Subject: [PATCH] extensions: SECMARK: Use a better context in test case
+
+RHEL SELinux policies don't allow setting
+system_u:object_r:firewalld_exec_t:s0 context. Use one instead which has
+'packet_type' attribute (identified via
+'seinfo -xt | grep packet_type').
+---
+ extensions/libxt_SECMARK.t | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/extensions/libxt_SECMARK.t b/extensions/libxt_SECMARK.t
+index 39d4c09348bf4..295e7a7244902 100644
+--- a/extensions/libxt_SECMARK.t
++++ b/extensions/libxt_SECMARK.t
+@@ -1,4 +1,4 @@
+ :INPUT,FORWARD,OUTPUT
+ *security
+--j SECMARK --selctx system_u:object_r:firewalld_exec_t:s0;=;OK
++-j SECMARK --selctx system_u:object_r:ssh_server_packet_t:s0;=;OK
+ -j SECMARK;;FAIL
+--
+2.34.1
+
diff --git a/iptables.spec b/iptables.spec
index 8688399..b6b263a 100644
--- a/iptables.spec
+++ b/iptables.spec
@@ -16,7 +16,7 @@ Name: iptables
 Summary: Tools for managing Linux kernel packet filtering capabilities
 URL: https://www.netfilter.org/projects/iptables
 Version: 1.8.7
-Release: 27%{?dist}
+Release: 28%{?dist}
 Source: %{url}/files/%{name}-%{version}.tar.bz2
 Source1: iptables.init
 Source2: iptables-config
@@ -54,6 +54,7 @@ Patch22: 0022-ebtables-Dump-atomic-waste.patch
 Patch23: 0023-nft-Fix-for-non-verbose-check-command.patch
 Patch24: 0024-tests-shell-Assert-non-verbose-mode-is-silent.patch
 Patch25: 0025-extensions-SECMARK-Implement-revision-1.patch
+Patch26: 0026-extensions-SECMARK-Use-a-better-context-in-test-case.patch
 # pf.os: ISC license
 # iptables-apply: Artistic 2.0
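Review bot: The positive case in the embedded libxt_SECMARK.t hunk of the new 0026 patch file still hard-codes a policy-specific type, so `-j SECMARK --selctx system_u:object_r:ssh_server_packet_t:s0;=;OK` can only pass on a host whose loaded SELinux policy defines that type with the `packet_type` attribute. The commit message records how the type was chosen (`seinfo -xt | grep packet_type`), but the test file itself carries no hint, so a failure under a different policy or with SELinux disabled would read as a SECMARK regression rather than an environment mismatch. If the test-file format accepts `#` comment lines (not visible in this hunk, please confirm), I would add one above the rule, for example `# needs a loaded SELinux policy where ssh_server_packet_t has the packet_type attribute`. The only negative case shown is the rule without `--selctx`, so rejection of a context lacking that attribute is not covered here.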
@@ -469,6 +470,9 @@ fi
 %ghost %{_mandir}/man8/ebtables.8.gz
 %changelog
+* Wed Feb 16 2022 Phil Sutter - 1.8.7-28
+- extensions: SECMARK: Use a better context in test case
+
 * Fri Jan 28 2022 Phil Sutter - 1.8.7-27
 - extensions: SECMARK: Implement revision 1