Re: [LARTC] u32 filter and NAT

Linux Advanced Routing and Traffic Control

On Thursday 29 May 2003 14:55, Szymon Miotk wrote:
> I want to limit each user in my network to have limited bandwidth (let's
>   say 256/128 kbit).
> I use NAT (done with iptables).
> Can I limit users on the outgoing interface using u32 using rules like:
>
> tc filter add dev eth0 parent 1: protocol ip prio 17 u32 match ip src
> 10.10.10.10 flowid 1:10
>
> It seems I made a mistake somewhere or NAT is done before routing and I
> must use iptables mangling. 
The src address is indeed rewritten.  So you have to mark the packets with 
iptables before natting and use that mark with the fw filter.

> BTW what is the maximum for --set-mark ?
Mark is 32 or so, so you can go pretty high.

Stef

-- 

stef.coene@xxxxxxxxx
 "Using Linux as bandwidth manager"
     http://www.docum.org/
     #lartc @ irc.oftc.net
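
The approach described in the reply above (mark before NAT, classify on the mark with the fw filter), as an added example that is not part of the original thread. The LAN interface name `eth1`, the HTB qdisc, the mangle PREROUTING hook, and the user list with its marks and rates are assumptions made for illustration; by default the script only prints the commands.

```shell
#!/bin/sh
# Added example: per-user upload shaping behind NAT via fwmark + tc "fw" filter.
WAN_IF=${WAN_IF:-eth0}   # outgoing interface, as in the thread
LAN_IF=${LAN_IF:-eth1}   # assumption: LAN-facing interface
APPLY=${APPLY:-0}        # 0 = print the commands, 1 = execute them (needs root)

run() { if [ "$APPLY" = 1 ]; then "$@"; else echo "$*"; fi; }

# Accept only a dotted-quad IPv4 address with every octet <= 255.
valid_ip() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    for octet in "$@"; do [ "$octet" -le 255 ] || return 1; done
}

# usage: shape_user <private-ip> <mark> <rate>
shape_user() {
    ip=$1; mark=$2; rate=$3
    valid_ip "$ip" || { echo "bad address: $ip" >&2; return 1; }
    # Mark 0 means "unmarked"; the mark's digits are reused as the class minor.
    case $mark in ''|*[!0-9]*) echo "bad mark: $mark" >&2; return 1 ;; esac
    if [ "$mark" -lt 1 ] || [ "$mark" -gt 9999 ]; then
        echo "bad mark: $mark" >&2; return 1
    fi
    # Mark on the way in, while the private source address is still visible.
    run iptables -t mangle -A PREROUTING -i "$LAN_IF" -s "$ip" \
        -j MARK --set-mark "$mark"
    # One class per user on the outgoing interface.
    run tc class add dev "$WAN_IF" parent 1: classid "1:$mark" htb rate "$rate"
    # The fw filter classifies on the mark, which survives the source rewrite.
    run tc filter add dev "$WAN_IF" parent 1: protocol ip prio 17 \
        handle "$mark" fw flowid "1:$mark"
}

setup() {
    run tc qdisc add dev "$WAN_IF" root handle 1: htb
    # Constructed sample users: address, mark, upload rate.
    shape_user 10.10.10.10 10 128kbit
    shape_user 10.10.10.11 11 128kbit
}

setup
```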
