Salatiel Filho wrote:
On Thu, Apr 23, 2009 at 07:28, Patrick McHardy <kaber@xxxxxxxxx> wrote:
I'm aware of those claims, but not of the details. If this is true,
people should raise those issues and help resolve them. I wouldn't
hold my breath waiting for IMQ to get fixed.
I would love to see a way to change where IFB hooks [if "hook" is the
right term ], till now i dont think i am able to hook it after nat in
prerouting and before nat in postrouting. Is there a way to do this ?
What i basically do with IMQ is:
eth0 [192.168.0.0/24]
ppp0 <----> eth1 [192.168.1.0/24]
eth2 [192.168.2.0/24]
Using imq i can shape upload on ppp0 [postrouting] while still having
the internal private ips from the hosts, and i can shape download in
ppp0 [prerouting] after get the correct nat'ed addresses.
Is there a way to achieve this in IFB ? in a simple way ... :)
Currently not, the conntrack association is done at a later point.
We could add a classifier or TC action that performs the lookup
during ingress classification.
Alternatively classifiers using conntrack information (like cls_flow)
could perform the lookup directly, but that would probably get a bit
ugly since some validation needs to be performed previously and it
would add a module dependency on conntrack.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
