On Friday 12 September 2003 17:22, Szálka Tamás wrote: > At 19:15 2003. 09. 11.istory. +0200, you wrote: > > > The picture you have in http://www.docum.org/stef.coene/qos/kptd is > > > with (or without) the IMQ NAT patch? > > > >Without. In prerouting, you see that IMQ is before nat. > > > >Stef > > With the IMQ NAT patch the order is reversed? The filtering on > de-masqueraded addresses is only possible, if NAT is b e f o r e IMQ, isn't > it? Tom The nat in prerouting is also reponsible for rewriting the addresses of natted packets. So you want IMQ after nat so the packets entering the imq device have the real ip address. Stef -- stef.coene@xxxxxxxxx "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.oftc.net _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
