Re: [LARTC] htb parameter problem

Kertész Viktor <kviktor@xxxxxxxxxx> · 10 Mar 2003 14:01:34 +0100

Hi,

> 
> iptables -t mangle -A FORWARD -p tcp -o eth0 -s 0/0 --dport ftp -d 0/0 -j MARK --set-mark 2
> iptables -t mangle -A PREROUTING -p tcp -i eth0 -s 0/0 --dport ftp -d 0/0 -j MARK --set-mark 2
> iptables -t mangle -A FORWARD -p tcp -o eth0 -s 0/0 --dport ftp-data -d 0/0 -j MARK --set-mark 7
> iptables -t mangle -A PREROUTING -p tcp -i eth0 -s 0/0 --dport ftp-data -d 0/0 -j MARK --set-mark 7
> iptables -t mangle -A FORWARD -p tcp -o eth0 -s 0/0 --dport http -d 0/0 -j MARK --set-mark 5

instead of --dport ftp-data/ftp use -m helper --helper "ftp". Match for 
port does not work because of the nature of ftp. (passive mode) This can
be tricky.

Viktor

Re: [LARTC] htb parameter problem

Linux Advanced Routing and Traffic Control