> Hi Thanks for your reply.One question - The lartc documentation says - > that in a NATed environment you should mark packets in the PREROUTING stage > while you have done in FORWARD stage - is that ok ? I did this on purpose because you can check for incoming and outgoing interface here (-i and -o). On my box I needed both options and as in PREROUTING only -i is available I had to take the FORWARD chain. This is working absolutely perfect with me. > Actually, I had asked > this question earlier in this forum and I was told to mark packets in the > PREROUTING stage. Similarly while receiving packets (downstream) on eth1 ; > which stage should I mark packets ? I am not that conversant with iptables. > TIA,Rajesh To my point of view it does NOT matter because you read out the mark for HTB in/after PREROUTING stage and it's not important where the mark has been set. If you don't need the -o option to identify the packets just replace FORWARD with PREROUTING ;-) Cheers, Mike -- COMPUTERBILD 15/03: Premium-e-mail-Dienste im Test -------------------------------------------------- 1. GMX TopMail - Platz 1 und Testsieger! 2. GMX ProMail - Platz 2 und Preis-Qualitätssieger! 3. Arcor - 4. web.de - 5. T-Online - 6. freenet.de - 7. daybyday - 8. e-Post
