Well I've read that with 2.6 I can use physdev : iptables -t mangle -A POSTROUTING -o br0 -m physdev --physdev-out eth0 -j OUT and surely this should work ? isn't it ? iptables -t mangle -A POSTROUTING -i br0 -m physdev --physdev-in eth1 -j IMQ --todev 0 regards Sébastien CRAMATTE a écrit : > Hello > > I try to setup QOS into bridge context. But this not very clear for me > So assuming that : > eth1 = LAN > eth0 = INTERNET > > br0 Link encap:Ethernet HWaddr 00:30:48:87:99:28 > inet addr:xxx.xxx.xxx.xxx Bcast:xxx.xxx.xxx.xxx > Mask:255.255.255.0 > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:5697373 errors:0 dropped:0 overruns:0 frame:0 > TX packets:164166 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 > RX bytes:320113723 (305.2 MiB) TX bytes:35162676 (33.5 MiB) > > eth0 Link encap:Ethernet HWaddr 00:30:48:87:99:28 > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:12797225 errors:0 dropped:0 overruns:0 frame:0 > TX packets:164149 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:100 > RX bytes:1045689736 (997.2 MiB) TX bytes:35893643 (34.2 MiB) > Base address:0xc000 Memory:f2000000-f2020000 > > eth1 Link encap:Ethernet HWaddr 00:30:48:87:99:29 > UP BROADCAST MULTICAST MTU:1500 Metric:1 > RX packets:0 errors:0 dropped:0 overruns:0 frame:0 > TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:1000 > RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) > Base address:0xd100 Memory:f1000000-f1020000 > > lo Link encap:Local Loopback > inet addr:127.0.0.1 Mask:255.0.0.0 > UP LOOPBACK RUNNING MTU:16436 Metric:1 > RX packets:20 errors:0 dropped:0 overruns:0 frame:0 > TX packets:20 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:0 > RX bytes:1480 (1.4 KiB) TX bytes:1480 (1.4 KiB) > > I'm seen somewhere that eth0, eth1 should be set in promisc mode and > that the network script to this for me ... > Bun in fact, I'm not sure that my eth0 and eth1 are in promisc mode ... > > For the outgoing I've made an iptables user table to redirect outbound > traffic > If I put eth0 instead of br0 as outgoing interface the traffic is not > shapped ??? > > iptables -t mangle -N OUT > iptables -t mangle -A POSTROUTING -j LOG > iptables -t mangle -A POSTROUTING -o br0 -j OUT > > In my log I've got this ... > > Dec 11 04:07:02 gestor1 kernel: IN= OUT=br0 SRC=xxx.xxx.xxx.xxx > DST=xxx.xxx.xxx.xxx > > Logically, due to the same problem I can't do something like this to > shape the inboud traffic : > > #ip link set imq0 up > #iptables -t mangle -A POSTROUTING -o eth1 -j IMQ --todev 0 > > Regards > > Thanks for your help > > > _______________________________________________ > LARTC mailing list > LARTC@xxxxxxxxxxxxxxx > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc > -- ZEN SOLUCIONES - Be in XForms take your "Concentré" Sébastien CRAMATTE C/ Alfonso X el Sabio, 29 30565 Las Torres de Cotillas (Murcia) ESPAÑA Mobile : +34 627 66 52 83 E-mail : scramatte@xxxxxxxxxxxxxxxxx Site : www.zensoluciones.com Skype : scramatte Msn : scramatte@xxxxxxxxxxx Jabber: scramatte@xxxxxxxxxx VoIP: +33 1 7090 3413 -- CONCENTRÉ xml entreprise grade framework http://concentre.zensoluciones.com -- This e-mail is privileged and may contain confidential information intended only for the person(s) named above. If you receive this e-mail in error, please notify the sender immediately and delete it. E-mail and internet transmissions can't be warrant privacy, integrity or correct reception. The sender will not be liable for any damages resulting. Este mensaje va dirigido, de manera exclusiva, a su destinatario y puede contener informaciones confidential. En caso de haber recibido este mensaje por error, informe al emisor imediadamente y proceda a su eliminación. El correo electrónico y las comunicaciones por medio de Internet no permiten garantizar la confidencialidad de los mensajes transmitidos, así como tampoco su integridad o su correcta recepción. El emisor no asume responsabilidad alguna por tales circunstancias. Ce message est destiné exclusivement à son destinataire et peut contenir des informations confidentielles. En cas de réception d'un tel message par erreur, informez l'expéditeur immédiatement et procédez à son effacement. Il n'est pas possible de garantir la confidentialité, l'intégrité ou la réception correcte du courrier électronique ainsi que des communications par internet. L'expéditeur ne peut être tenu pour responsable d'éventuels dommages commis.
begin:vcard fn;quoted-printable:S=C3=A9bastien CRAMATTE n;quoted-printable:CRAMATTE;S=C3=A9bastien org:ZEN Soluciones;IT technologies, Linux and Web adr;quoted-printable:Piso 4b;;Calle Alfonso X el Sabio, 29;Las torres de cotillas;Murcia;30565;Espa=C3=B1a email;internet:scramatte@xxxxxxxxxxxxxxxxx title:Consultant tel;work:+34 968 292 965 tel;cell:+34 627 665 283 x-mozilla-html:FALSE url:http://www.zensoluciones.com version:2.1 end:vcard
_______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
