I wan to share internet to these 12 PCs. But my traffic control is not working. I'm using IP Masquerading to route internet to the LAN eth0 - LAN interface eth1 - Internet interface this is my firs htb script: #!/bin/bash tc qdisc del dev eth1 root handle 1: tc qdisc add dev eth1 root handle 1: htb default 30 tc class add dev eth1 parent 1: classid 1:1 htb rate 25kbps ceil 48kbps #tc class add dev eth0 parent 1:1 classid 1:10 htb rate 4kbps ceil 48kbps tc class add dev eth1 parent 1:1 classid 1:10 htb rate 4kbps ceil 48kbps tc class add dev eth1 parent 1:1 classid 1:11 htb rate 4kbps ceil 48kbps tc class add dev eth1 parent 1:1 classid 1:12 htb rate 4kbps ceil 48kbps tc class add dev eth1 parent 1:1 classid 1:13 htb rate 4kbps ceil 48kbps tc class add dev eth1 parent 1:1 classid 1:14 htb rate 4kbps ceil 48kbps tc class add dev eth1 parent 1:1 classid 1:15 htb rate 4kbps ceil 48kbps tc class add dev eth1 parent 1:1 classid 1:16 htb rate 4kbps ceil 48kbps tc class add dev eth1 parent 1:1 classid 1:17 htb rate 4kbps ceil 48kbps tc class add dev eth1 parent 1:1 classid 1:18 htb rate 4kbps ceil 48kbps tc class add dev eth1 parent 1:1 classid 1:19 htb rate 4kbps ceil 48kbps tc class add dev eth1 parent 1:1 classid 1:20 htb rate 4kbps ceil 48kbps tc class add dev eth1 parent 1:1 classid 1:21 htb rate 4kbps ceil 48kbps tc class add dev eth1 parent 1:1 classid 1:22 htb rate 4kbps ceil 48kbps tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip src 192.168.193.10 classid 1:11 tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip src 192.168.193.11 classid 1:12 tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip src 192.168.193.13 classid 1:13 tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip src 192.168.193.14 classid 1:14 tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip src 192.168.193.15 classid 1:15 tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip src 192.168.193.19 classid 1:16 tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip src 192.168.193.20 classid 1:17 tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip src 192.168.193.24 classid 1:18 tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip src 192.168.193.29 classid 1:19 tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip src 192.168.193.32 classid 1:20 tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip src 192.168.193.33 classid 1:21 tc filter add dev eth1 parent 1:0 protocol ip prio 1 u32 match ip src 192.168.193.34 classid 1:22 I tryed to change the parent ID, the Interface -> nothing Stef told me that this is not working because of the NAT so I've changed the filter part: tc filter add dev eth1 parent 1:0 protocol ip handle 10 fw classid 1:1 tc filter add dev eth1 parent 1:0 protocol ip handle 11 fw classid 1:12 tc filter add dev eth1 parent 1:0 protocol ip handle 13 fw classid 1:13 tc filter add dev eth1 parent 1:0 protocol ip handle 14 fw classid 1:14 tc filter add dev eth1 parent 1:0 protocol ip handle 15 fw classid 1:15 tc filter add dev eth1 parent 1:0 protocol ip handle 19 fw classid 1:16 tc filter add dev eth1 parent 1:0 protocol ip handle 20 fw classid 1:17 tc filter add dev eth1 parent 1:0 protocol ip handle 24 fw classid 1:18 tc filter add dev eth1 parent 1:0 protocol ip handle 29 fw classid 1:19 tc filter add dev eth1 parent 1:0 protocol ip handle 32 fw classid 1:20 tc filter add dev eth1 parent 1:0 protocol ip handle 33 fw classid 1:21 tc filter add dev eth1 parent 1:0 protocol ip handle 34 fw classid 1:22 iptables -A FORWARD -i eth0 -t mangle -p tcp -s 192.168.139.10 -j MARK -- set-mark 10 iptables -A FORWARD -i eth0 -t mangle -p tcp -s 192.168.139.11 -j MARK -- set-mark 11 iptables -A FORWARD -i eth0 -t mangle -p tcp -s 192.168.139.13 -j MARK -- set-mark 13 iptables -A FORWARD -i eth0 -t mangle -p tcp -s 192.168.139.14 -j MARK -- set-mark 14 iptables -A FORWARD -i eth0 -t mangle -p tcp -s 192.168.139.15 -j MARK -- set-mark 15 iptables -A FORWARD -i eth0 -t mangle -p tcp -s 192.168.139.19 -j MARK -- set-mark 19 iptables -A FORWARD -i eth0 -t mangle -p tcp -s 192.168.139.20 -j MARK -- set-mark 20 iptables -A FORWARD -i eth0 -t mangle -p tcp -s 192.168.139.24 -j MARK -- set-mark 24 iptables -A FORWARD -i eth0 -t mangle -p tcp -s 192.168.139.29 -j MARK -- set-mark 29 iptables -A FORWARD -i eth0 -t mangle -p tcp -s 192.168.139.32 -j MARK -- set-mark 32 iptables -A FORWARD -i eth0 -t mangle -p tcp -s 192.168.139.33 -j MARK -- set-mark 33 iptables -A FORWARD -i eth0 -t mangle -p tcp -s 192.168.139.34 -j MARK -- set-mark 34 I thing that this is wright but no! I've changed FORWARD with OUTUP. I tryed without specifying Interface -> still nothing. What is wrong? there is no filtration at all! Every packet is forwarded to the root class! You can guess what happens when someone from the LAN starts to dowload! My router box is: Slackware 9.0 (2.4.20 kernel) Thank you ------------------- изпратено от mail.bG Силна Анти-спам защита 12MB Място за поща SMS за нов емeйл и към двата оператора! POP3/WAP Достъп _________________________________________ HOB БEЗПЛATEH AДPEC - http://mail.bg/new/