Flemming Frandsen wrote:
> I have a network with around 40 /24 subnets that share a common DSL,
> this cries out for shaping so here I am trying to make it work as my
> first tc project.
> I have managed to cargocult some snippets from this list and tried to
> come up with a config, but there are a few things that I'd really like
> some input on:
> 1) Are the NAT'ed addresses available in the PREROUTING table of eth0?

eth0 doesn't have a prerouting table; everything coming in from anywhere
hits prerouting. If eth0 is WAN then packets coming in will still have
real IP addresses in PREROUTING.

> 2) If not then can I have the iptables --set-mark stuff in the tables
> for one interface and use the mark in tc on another interface?

Yes, tables are not device specific.

> 3) Is it possible to filter on the routing table instead of the
> --set-mark? so all traffic going to a certain router gets
> filtered into the same htb?

You could use tc filters on ip/dst mac etc.

> #Have the bucket that traffic gets dropped into
> #be determined by the firewall mark
> #btw: --set-mark 0xbabeface maps to class id babe:face
> tc filter add dev eth0 parent 1: protocol ip prio 1 handle 1 fw

Don't think you need handle 1 here.

> #Hook up the classification table to the interface
> iptables -t mangle -A PREROUTING -o eth0 -j to-dsl

Out dev isn't known in prerouting.

Andy.
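
Added example (not part of the original thread, and not code from either poster): a generator for a per-subnet mark-and-shape ruleset that hooks the to-dsl chain in mangle POSTROUTING, where the output device is known. The subnets, the 2000 kbit uplink figure, the equal split and the 0x10-and-up mark numbering are assumptions made for illustration; eth0 and to-dsl are taken from the thread.

```shell
#!/bin/sh
# gen_dsl_shaping DEV UPLINK_KBIT SUBNET...
# Prints the commands instead of running them, so the ruleset can be
# reviewed first and then piped to sh as root.
gen_dsl_shaping() {
    dev=$1; uplink=$2; shift 2
    [ "$#" -gt 0 ] || return 1
    share=$((uplink / $#))   # assumption: equal guaranteed share per subnet

    echo "tc qdisc add dev $dev root handle 1: htb"
    echo "tc class add dev $dev parent 1: classid 1:1 htb rate ${uplink}kbit"
    echo "iptables -t mangle -N to-dsl"
    # The output device is known in POSTROUTING (not in PREROUTING), and
    # mangle POSTROUTING runs before nat POSTROUTING, so -s still sees
    # the internal source address rather than the NAT'ed one.
    echo "iptables -t mangle -A POSTROUTING -o $dev -j to-dsl"

    i=15
    for net in "$@"; do
        i=$((i + 1))
        id=$(printf '%x' "$i")   # tc class minors are hex: 10, 11, 12, ...
        echo "tc class add dev $dev parent 1:1 classid 1:$id htb rate ${share}kbit ceil ${uplink}kbit"
        echo "iptables -t mangle -A to-dsl -s $net -j MARK --set-mark 0x$id"
        echo "tc filter add dev $dev parent 1: protocol ip prio 1 handle 0x$id fw classid 1:$id"
    done
}

# Constructed sample: three of the /24 subnets on a 2000 kbit uplink.
gen_dsl_shaping eth0 2000 10.0.1.0/24 10.0.2.0/24 10.0.3.0/24
```

Each fw filter here names its mark and class explicitly, so the mark value and the class minor only have to agree within one loop iteration.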