Mandi! Niccolò Belli In chel di` si favelave... > connmark_sip? Maybe you meant SIP conntrack (which by the way never > worked very well for me)? Ahem, yes. nf_conntrack_sip. I've tested some times ago, but seems to me that worked... Anyway, really i've to do some test with ifb. I've hit problem number 3. In some setup i use an interface for landing ''public access'' to guests, so all traffic are marked (egress) based on that interface (eth0.3, a VLAN). That interface have also a network assigned (10.5.3.0/24). But clearly on ingress i cannot mark on destination interface (routing decision have to be done) nor on destination address (nat have to be done). I have to verify if using ifb and using 'connmark restore' on egress of ifb i can match that traffic, or if i have to ''rematch'' all traffic inside ifb (and, clearly, if NAT rules apply inside ifb; but this imply that conntrack works, so seems to me that will be a go/no go things). Really, i've to setup some test... -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66 Associazione ``La Nostra Famiglia'' http://www.sv.lnf.it/ Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN) marco.gaiarin(at)sv.lnf.it tel +39-0434-842711 fax +39-0434-842797 Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA! http://www.lanostrafamiglia.it/chi_siamo/5xmille.php (cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA) -- To unsubscribe from this list: send the line "unsubscribe lartc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
