Hi all. I'm using Jamal's ifb virtual interface from new kernel. Redirecting incoming traffic from external interface like that: # tc [blahbla] match u32 0 0 flowid 1:0 action mirred egress redirect dev ifb0 to ifb to shape it. The problem is that I'm using MASQUERADE by netfilter also. That redirected traffic coming from internet gets to ifb _before_ DNAT is done. So I cannot filter or mark it in other way by ip dst address to differ between forwarded and incoming traffic to my node. Goal is to find a solution how to let tc filter find the difference between forwarded and incoming traffic in that redirected traffic coming to ifb device so shaping/queueing could be done elegantly :-) (well, infact this traffic goes off ifb device and then gets routed and masqed etc- by egress queue) Anybody got any nice ideas? Krzysztof _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
