Hi, thank you for your support. Your idea, looking also at the source ip with the u32 filter works very well. Markus wningtung.leung wrote: >> On Fri, 18 May 2001 m.dages@xxxxxxx wrote: >> Ok, now I've read the Linux 2.4 Advance Routing Howto and some other >> documents that I could found about tc. All the examples describes an >> environment with a linux box that has 2 ethernet cards, but our router only >> have 1. This ony ethernet adapter (eth0) is bounded to the ppp0 device and >> handles the LAN traffic. >> Here's a short sheme: >> >> INTERNET <-----> [ ppp0/Dynamic IP --- Linux router --- >> eth0/192.168.100.250] <------> Office Lan 192.168.100.0/24 >It doesn't matter wether it's a eth or ppp device, just look at it as a >network interface and everything works fine. > >The solution I propose (haven't tested it though): > >Don't use firewall marks, but use the u32 filter instead. > >Look at the source and target IP and redirect the pakket to the correct >class. > >(source != router && dest = low_prio_host) -> slow_class >(source != router && dest = hi_prio_host) -> no_limit >(source == router) -> no_limit > >This is only an idea for the downstream, I haven't been thinking about >limitimg the upstream.
