I think it is better to use an IFB device and shape the upload traffic using source IP before the NAT http://linux-net.osdl.org/index.php/IFB On 6/13/07, VladSun <vladsun@xxxxxxxxx> wrote:
Ethy H. Brito написа: > On Mon, 11 Jun 2007 22:02:31 +0300 > VladSun <vladsun@xxxxxxxxx> wrote: > > > >> TC is performed after POSTROUTING, so you can not do any IP related TC >> filtering. You can use CPU friendly patches for iptables like IPMARK or >> IPCLASSIFY. Take a look at them. >> > > Ok. Can someone point me the right direction to add IPMARK kernel support? > > I downloaded patch-o-matic today's snapshot and there is no IPMARK there. > > I have iptables-1.3.7 and kernel 2.6.21.1 sources (distro is slackware 11.0) > > The curious thing is that IPMARK is at iptables man page but I got and > error when I execute it. It says it could not > find /usr/lib/iptables/libipt_IPMARK.so: > > # locate -i IPMARK > # (no output here) > > > Regards. > > Ethy > > _______________________________________________ > LARTC mailing list > LARTC@xxxxxxxxxxxxxxx > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc > Try "./runme download" in tge PoM directory. It should work if there is defined download URL for IPMARK in the source.list file in the PoM directory. If it doesn't work try to download older version of PoM. That is because netfilter team has refused to include IPMARK in the official versions some time ago. Regards _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
-- Marco Casaroli SapucaiNet Telecom +55 35 34712377 ext 5
_______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
