My real interest is in basic understanding first, and then solving a real problem second.
Example: Firewall Public NIC 123.123.123.1 Firewall Private NIC 192.168.168.1 Dedicated Video Conferencing equipment @ 192.168.168.100
I'd like to write a rule that says any traffic emanating from the private .100 box gets 128kbit of bandwidth out of a T1's total 1.55mbit as the traffic heads out on to the Internet to find the other end of the Video Conference.
The shaping occurs on the Public NIC, but the only address I have to work with is a private address. By time the traffic hits the public NIC and tc rules are applied, I suspect the packet no longer has a source IP of private .100, but has been NAT'd to the public NIC address. There's no way to distinguish private .100's traffic via IP address. by time the tc filters are queried. Is that correct?
What methods are available to do this? I can think of marking all the packets on the private side then looking for the marks on the public side. Or, NAT private.100 to a specific Public IP and then write rules for that new Public IP. What other options are there?
-- Bill Gradwohl bill@xxxxxxx http://www.ycc.com SPAMstomper Protected email
_______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
