Hello: Ivan Lopez wrote, > but, because of the above commented behavior of the passive mode, you > cannot predict which ports will be used by your clients... and i don't > know any *good* thing for matching accurately this ftp passive > connections (anyone else here knows how :?) And that is exactly my problem - You never know what ports will be opened for ftp data transfer and hence cannot "catch" them. Since the FTP data port is unpredictable, what i have temporarily done is to use a dedicated class of 1.5Mbit solely for HTTP traffic and the remainder of .5Mbit is used for "other" traffic on a 2Mbit link. This is not a perfect solution but it makes sure that http traffic is not affected. Looks like there is no straight forward solution for shaping FTP traffic using Linux. How do routers and other traffic management appliances handle FTP traffic shaping anyway? Is it possible to use the Iptable's "established,related" functions to mark FTP data traffic and then use the "fw" classifier on it? -- Emperor Palpatine: Everything that has transpired has done so according to my design.
