> I do not how to use match string to deny kazaa traffic, if I put the word > kazaa only http content is deny but the kazaa aplication is running, are > there special commands to match string? Try something like this: iptables -A PREROUTING -t mangle -j CONNMARK --restore-mark iptables -A PREROUTING -t mangle -m mark ! --mark 0 -j ACCEPT iptables -A PREROUTING -t mangle -m string --string "X-Kazaa" -j MARK --set-mark 1 iptables -A PREROUTING -t mangle -j CONNMARK --save-mark (Requires mark, connmark and string netfilter modules) tc qdisc add dev eth0 root handle 1: htb default 11 tc class add dev eth0 parent 1: classid 1:1 htb rate 10Mbps ceil 10Mbps burst 2k tc class add dev eth0 parent 1:1 classid 1:10 htb rate 1Mbps ceil 1Mbps burst 2k tc class add dev eth0 parent 1:1 classid 1:11 htb rate 9Mbps ceil 10Mbps burst 2k tc filter add dev eth0 parent 1: protocol ip prio 3 handle 1 fw classid 1:10 Rubens _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
