Re: Re: Confuse, putting packets in wrong mangle table.

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Rio Martin. wrote: 
On Wed, 19 Jan 2005 09:19:58 +0100  Tóth Nándor <nug@xxxxxxxxxx> wrote:
Rio Martin. wrote:

Folks,
I am a little bit confuse in how to put these packets into correct mangle table for traffic shaping.
This is what i ve planned to do:

- - - - :eth0 [ LINUX-BOX ] eth1: - - - -

Let say:
eth0: 220.100.1.1
eth1: 192.168.1.1
eth1:1 192.168.1.2

192.168.1.0/24 get natted into 220.100.1.1 before reaching the internet.
I put every packets coming from internet (eth0) this way:
# iptables -t mangle -I PREROUTING -i eth0 .. * * * *

But what if i would like to do the same way with ip 192.168.1.1 and 192.168.1.2 ? How to put the packets in correct mangle table?

You can only shape traffic leaving your interface. You have to shape the incoming traffic at interface eth1, the outgoing traffic at interface eth0.
This site is great for learning:
http://www.knowplace.org/shaper/qdisc.html#egress
I found to use iptables+CLASSIFY method the easiest way to classify packets.

Your question is a little dizzy... 


Oopss sorry then :))

Actually, there is squid proxy running in my box, with those two private IPs (192.168.1.1 & 192.168.1.2)
Both get natted to 220.100.1.1. 

Is there only one proxy running?


I need to shape incoming traffic to both of these ips but i am affraid i have to face that i am not able to shape traffic which is generate from this box unless those two IPs were outside the box. 

Maybe true - maybe not you would need to test with imq.
There is also a kernel option to do with nat of local connections.


If i have one more public IP than i should not so much worry about, cause i can shape it using IMQ.

So any other ideas maybe? i'm thinkin just in case IMQ would help .. 

Possibly - but I don't understand your setup or what you want to shape :-)

Thanks for the info u gave anyway..

- Rio.Martin -
_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/



_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux