Hi!
I have read all informations i could find, but some things are still not clear.
My setup is: ---INTERNET1(eth0)-\ /- Local net1 (eth2) GW ---INTERNET2(eth1)-/ \- Local net2 (eth3)
I have NAT and a working setup using HTB,SFQ, classifying with the iptables -j CLASSIFY way. I shape only the traffic coming from the internet heading to the intranet.
I would like to have a configuration like this: ---INTERNET1(eth0)-\ /- Local net1 (eth2) GW--imq0 ---INTERNET2(eth1)-/ \- Local net2 (eth3)
I think it can be done this way: iptables -t mangle -A PREROUTING -i eth0 -j IMQ --todev 0 iptables -t mangle -A PREROUTING -i eth1 -j IMQ --todev 0
But it would include traffic heading to the gateway directly, wouldn't it?
Yes - but people often want this.
Can i put these rules to the POSTROUTING chain?
And i can still have my CLASSIFY targets in the POSTROUTING chain, because IMQ queing will happen after it according to http://lartc.org/howto/lartc.imq.html.
So for example:
$IPTABLES -t mangle -A POSTROUTING -o $eth2 ... -j CLASSIFY --set-class 1:30
$IPTABLES -t mangle -A POSTROUTING -o $eth3 ... -j CLASSIFY --set-class 1:30
$IPTABLES -t mangle -A POSTROUTING -o $eth2 ... -j RETURN
$IPTABLES -t mangle -A POSTROUTING -o $eth3 ... -j RETURN
If i managed to do this, i promise, i will document it to the imq wiki.
Any advice/help is appreciated!
You need to jump to imq in postrouting, classify should be done first ok try and see.
If you only want to shape forwarded traffic you could mark/classify using -i and -o in forward and then match on mark/class and -j IMQ in postrouting, it will only really matter if you have shaper to lan traffic you want to exclude from imq.
I don't see why you are classifying to the same class or need return. If you have two seperate internet links you still need two nonsharing queues added to the imq device.
Andy.
_______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
