hrmmm, ok after trying out "tc" for the last week i've noticed it is not even nearly as powerfull as netfilter. is still have the same problem with dropping packets as i did before, it seems to break some connections (i'm not dropping SYN packets, or any ones which are in state NEW), only those related & established. is there anything i shouldn't drop?, like specific combinations of flags? would it be better if i dropped every second packet when a limit is exceeded rathat than everything? i really need advice on this :( Regards Nigel
