Am Samstag, 4. März 2006 01:00 schrieb nix4me: > I am currently running the following script on an internal machine to > shape outbound ftp and email traffic. > > I am trying to move the script to my nat router (ipcop with 2 nic > cards) so that it shapes the whole network and not only the outbound > of 1 box. > > I have cable modem -> ipcop (eth1) >(eth0 - 192.168.1.1) > > 192.168.1.100 and 192.168.1.101. > > The scripts works great running on 192.168.1.101. But I cannot get > it to work on either of the ipcop interfaces. > > Does it have something to do with NAT ? > > Script: > #!/bin/bash > #shaping passive and active outbound ftp traffic on an internal > computer without affecting inbound and lan speed > > # mark the outbound passive ftp packets on ports 50000-51000 > iptables -t mangle -D OUTPUT -o eth0 -j MYSHAPER-OUT 2> /dev/null > > /dev/null > iptables -t mangle -F MYSHAPER-OUT 2> /dev/null > /dev/null > iptables -t mangle -X MYSHAPER-OUT 2> /dev/null > /dev/null > iptables -t mangle -N MYSHAPER-OUT > iptables -t mangle -I OUTPUT -o eth0 -j MYSHAPER-OUT you must mark your traffic in FORWARD or POSTROUTING chain. OUTPUT is only for locally generated traffic. -- Markus Schulz "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
