Andy Furniss wrote:
Does exists solution how to NAT and MARK in PREROUTING, but in this order?
If you really need to shape for local and forwarded on ingress then you use IMQ + the IMQ NAT patch and use u32 to filter on dst IP (if you are masquerading a dynamic IP mark LAN traffic and use default for local).
It sounds good, but can you be more conrete?
If the traffic to local is not "bulk" ie just dns or ntp etc. then it
Sometimes it is 'bulk' - FTP etc.
would be less trouble to ignore it and just shape on your LAN facing
Sorry, I forgot write that I have 3 LAN interfaces, so IMQ is only way how to do it.
Thanks Patrick
interface marking on dst in postrouting or using u32 on dst - both should work, you may want to exclude traffic from server to LAN.
Andy.
_______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
