On Jul 10, 2013, at 12:00 , Andy Furniss <adf.lists@xxxxxxxxx> wrote: > OK, so after saying I've never done this I remembered I had long ago and found a test :-) > > Using "handle 1" seems to get the filter rejected - but the main thing is the way you have to mark to match the first part of your classid - > > tc qdisc add dev eth0 root handle 1: htb > tc class add dev eth0 parent 1: classid 1:a htb rate 1mbit > tc class add dev eth0 parent 1: classid 1:b htb rate 1mbit > tc class add dev eth0 parent 1: classid 1:c htb rate 1mbit > tc filter add dev eth0 parent 1:0 protocol ip fw > > iptables -t mangle -I OUTPUT -o eth0 -p tcp -j MARK --set-mark 0x1000a > iptables -t mangle -I OUTPUT -o eth0 -p icmp -j MARK --set-mark 0x1000b > iptables -t mangle -I OUTPUT -o eth0 -p udp -j MARK --set-mark 0x1000c yay. that was it. it doesn't (yet) work with ip6tables. but ip[4]tables rocks now. Thank you so much for this information. Wolfgang-- To unsubscribe from this list: send the line "unsubscribe lartc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
