IMQ and NAT

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I'm trying to get IMQ working correctly as incoming on a box that is running SNAT.
 
I've modified imq.c so that it fires after IP_PRI_NAT_DST instead of mangle and am using tc filter commands to choose the flowid based on the destination address.  IMQ still seems to be firing before the system has reversed the SNAT.
 
scripts I'm using
 
  tc qdisc add dev imq0 root handle 1: htb default 20
 
  DOWNLINK=512
  LIMIT="ceil ${DOWNLINK}kbit"
 
  tc class add dev imq0 parent 1: classid 1:1 htb rate ${DOWNLINK}kbit

  tc class add dev imq0 parent 1:1 classid 1:10 htb rate 64kbit $LIMIT
  tc class add dev imq0 parent 1:1 classid 1:20 htb rate 64kbit $LIMIT
 
  tc qdisc add dev imq0 parent 1:10 handle 10: sfq
  tc qdisc add dev imq0 parent 1:20 handle 20: sfq
  tc filter add dev imq0 parent 1: protocol ip prio 1 u32 match ip dst 172.30.0.2/32 flowid 1:10
 
  iptables -t mangle -A PREROUTING -i eth0 -j IMQ --todev 0
  iptables -t nat -A PREROUTING -s 172.30.0.0/24 -d ! 172.30.0.0/24 -j MASQUERADE
  ip link set imq0 up
[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux