On Saturday 08 March 2003 05:07, Martin A. Brown wrote: > : > What exactly do you mean here? Do you wish to use fwmark as a > : > selector for traffic control? > : > : Not sure if I mean fwmark. However Stef's docs are on my reading > : list. Basically I will want to simulate different types of firewalls > : per iprange. Meaning -- the basic firewall config I will allow > : anything out and only responses into the "network" and on a more evil > : admin type firewall I would like to block various ports from outbound > : access. > > I think you'll find iptables more than adequate. > > For the packet filtering, mangling/marking and NAT (if you need it), > you'll find iptables more than adequate. > > For traffic control, you'll use tc, which is part of the iproute2 package. > (Note, that the tc with htb support is currently only available via the > main HTB page, as a patch or binary.) > > : Which would be better ipchains or iptables? > > iptables if you have a choice. > > For iptables help: > > http://iptables-tutorial.frozentux.net/ An other reason is that you need kernel 2.4.x for the htb support so you need iptables. Ipchains is for kernel 2.2.x. Stef -- stef.coene@xxxxxxxxx "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.oftc.net
