I would have thought that you could use ebtables or the bridge-nf firewall code to do firewall marking, then use tc to filter on firewall mark as usual. Have a look at <http://ebtables.sourceforge.net/> Alternatively, use ARP as suggested before, though you will have to rerun it every time their IP changes. Andrew :From: "Joachim Wickman" <jwickman@xxxxxxx> :To: <lartc@xxxxxxxxxxxxxxx> :Date: Thu, 12 Jun 2003 21:03:43 +0300 :Subject: [LARTC] HTB and TC on MAC addresses :This is a multi-part message in MIME format. :------=_NextPart_000_0048_01C33126.1B78DD90 :I've searched the archive for a solution where I want to limit/shape = :WLAN users. I only know's their MAC, because they get their IP from = :dhcp. > Why not, just use negative offsets with U32 to access >the 14-byte eth frame header before the IP header: > >Decimal Ofs Description >----------------------------------- >-14: DST MAC, 6 bytes >-8: SRC MAC, 6 bytes >-2: Eth PROTO, 2 bytes, eg. ETH_P_IP >0: Protocol header (IP Header) > :Is the above true? If so, can you give me an example with MAC address = :00:04:e2:5f:eb:e4. :And, is it possible to shape so everyone gets 256kbit each?
