No..
I had proved that
My configuration works well
I think CBQ stack below the iptables stack program, and
almost 'stay at' layer 2 networking.
had you proved with OUTPUT chain to limit bandwidth ?
cause, I had tried when limit with PREROUTING chain, the result is not satisfied.
Johan
On Wed, May 16, 2001 at 07:30:57PM -0400, Ramin Alidousti wrote:
> Aren't you making any mistake here, Johan? OUTPUT chain is meant
> for the outgoing packets from the firewall itself. What Jaco is
> doing is receiving packets from the network which will never pass
> the OUTPUT chain.
>
> Ramin
>
> On Thu, May 17, 2001 at 06:29:00AM -0400, johan@xxxxxxxxxxxxxx wrote:
>
> > I had ever met this condition
> > I change chain rule at iptables,try like this
> >
> > iptables -I OUTPUT -t mangle -p tcp -s 0/0 -d 192.168.62.0/24 -j MARK
> > --set-mark 1
> >
> > and it works.
> >
> > Regards
> >
> > Johan
> >
> > On Wed, May 16, 2001 at 11:07:07AM -0400, Ramin Alidousti wrote:
> > > I assume that the packets come in on eth0, right? And I'm not sure
> > > if the mangle table sees the destination as 192.168.62.0/24 or as
> > > the original destination address. Try this:
> > >
> > > iptables -A PREROUTING -t mangle -p tcp -i eth0 -d 192.168.62.0/24 \
> > > -j MARK --set-mark 1
> > >
> > > If it doesn't work, try:
> > >
> > > iptables -A PREROUTING -t mangle -p tcp -i eth0 -d <orig dst IP's>
> > > -j MARK --set-mark 1
> > >
> > > Hope it works,
> > > Ramin
--
-�'-
(o o)
---------ooO--(_)--Ooo-------------------------------------------------
( )/ \( )( ) ( ) ( \( ) Visit us at http://www.pinguind.co.id
__)(( () ))__( /__\ ) ( Feel free to contact me at ICQ #47240718
(___/ \__/(_)(_)(_)(_)(_)\_) email:johan@xxxxxxxxxxxxxx
-----------------------------------------------------------------------
