On Wednesday 20 August 2003 12:06, Wayne wrote:
> I believe I am using fwmark as below. Any input would be appreciated:
>
>
> Here is part of the setup:
>
> iptables -A PREROUTING -t mangle -j CONNMARK --restore-mark
> iptables -A PREROUTING -t mangle -m mark ! --mark 0 -j ACCEPT
> iptables -A PREROUTING -m mark --mark 0 -p tcp --sport 21 -t mangle -j
> MARK --set-mark 14
> iptables -A PREROUTING -m mark --mark 0 -p tcp --sport 80 -t mangle -j
> MARK --set-mark 2
> iptables -A PREROUTING -m mark --mark 0 -p tcp --sport 3128 -t mangle -j
> MARK --set-mark 2
> iptables -A PREROUTING -t mangle -j CONNMARK --save-mark
>
> tc filter add dev eth1 parent 1:2 protocol ip prio 1 handle 2 fw classid
> 1:2a
>
>
> Here is part of /proc/net/ip_conntrack showing the packet is getting
> marked:
>
> tcp 6 431989 ESTABLISHED src=10.0.1.99 dst=196.34.2.188 sport=1838
> dport=3128 src=196.34.2.188 dst=10.0.1.99 sport=3128 dport=1838 [ASSURED]
> use=1 mark=2
>
> Here is part of the QOS class stats show no packets being picked up by the
> filter command:
>
> class htb 1:2 parent 1:1001 leaf 2a: prio 0 quantum 1500 rate 22Kbit ceil
> 120Kbit burst 1627b/8 mpu 0b cburst 1752b/8 mpu 0b level 0
> Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
> lended: 0 borrowed: 0 giants: 0
> tokens: 473600 ctokens: 93492
>
> Thanks
Can you also post your filter rules ?
Stef
--
stef.coene@xxxxxxxxx
"Using Linux as bandwidth manager"
http://www.docum.org/
#lartc @ irc.oftc.net
