On Thu, Apr 15, 2004 at 02:10:47PM +0300, Hasso Tepper wrote: > Alan Ford wrote: > > > The one thing you *cannot* do is mix "protocol ip" and "protocol > > ipv6" filters for filtering into a class. The second filter request > > returns with "Invalid argument". ... > > Is it possible to do a fwmark match without a protocol? Or is there > > any other way around my problem? > > I would like to have solution for this as well. At the moment I have > to use imq device per device and TBF because of that :(. Number of > imq devices is limited and many other annoying things. I discovered the answer to this problem was hidden in a totally unrelated post yesterday :) [most general filter rule] You can specify "protocol all" in filters, and still use fwmarks to identify traffic. I have been using this since yesterday and it appears to work perfectly, you can MARK packets with the same ID in both iptables and ip6tables, and filter them into the same class. -- Alan Ford * alan@xxxxxxxxxxxxxx _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
