I assume that the packets come in on eth0, right? And I'm not sure if the mangle table sees the destination as 192.168.62.0/24 or as the original destination address. Try this: iptables -A PREROUTING -t mangle -p tcp -i eth0 -d 192.168.62.0/24 \ -j MARK --set-mark 1 If it doesn't work, try: iptables -A PREROUTING -t mangle -p tcp -i eth0 -d <orig dst IP's> -j MARK --set-mark 1 Hope it works, Ramin On Wed, May 16, 2001 at 04:52:30PM +0200, Jaco van der Schyff wrote: > I removed the comments from the file below, also this isnt the > complete file, but it should be enough to give you an idea what > I want to acheive. > > > > iptables -A PREROUTING -t mangle -p tcp -s 0/0 -d 192.168.62.0/24 -j > MARK \ > --set-mark 1 > > tc qdisc add dev eth1 root handle 10: cbq bandwidth 64Kbit avpkt 1000 > > tc class add dev eth1 parent 10:0 classid 10:1 cbq bandwidth 64Kbit rate > \ > 64Kbit allot 1514 weight 6Kbit prio 8 maxburst 20 avpkt 1000 > > tc class add dev eth1 parent 10:1 classid 10:100 cbq bandwidth 64Kbit > rate \ > 32Kbit allot 1514 weight 3Kbit prio 5 maxburst 20 avpkt 100 bounded > > tc qdisc add dev eth1 parent 10:100 sfq quantum 1514b perturb 15 > > tc filter add dev eth1 protocol ip parent 10:1 prio 100 handle 1 fw > classid 1:100 > > > > > Regards > - Jaco van der Schyff > jvds@xxxxxxxxxxxxxx > > +27 12 803 7591 > +27 12 803 7285 (f) > +27 83 680 4922 (mobile) > > f6e2eb48937f22e159a408c84533cdcb > > > > Ramin Alidousti wrote: > > > > what is/are your setup/rules? It should work just fine. > > > > Ramin > > > > On Wed, May 16, 2001 at 04:32:00PM +0200, Jaco van der Schyff wrote: > > > > > Greetings earthlings, > > > > > > I am batteling to get NATted packets marked with iptables, > > > to shape them later using the fw filter. > > > > > > Has anyone tried to mark packets that are masqueraded, or > > > to shape masqueraded connections? > > > > > > It doesn't seem to work. > > > > > > If any knows what to do, please help.
