On Thu, 2003-03-13 at 03:09, Antonio Paulo Salgado Forster wrote: > Hello all, > > I'm trying to apply QoS rules on protocols that use dynamic port > allocation on secondary connections such as ftp or H323 that have a > specific iptables helper to handle them, and the problem begins when the > secondary connections startup. Would the connmark module mark also the > seconday connections if you tells it to mark the main flow? Or, is there > any way to to match a packet using, at the same time, the -m state --state > RELATED match and check if the related connection belongs to a ftp session? > > Any ideas are appreciated. Thanks in advance. > > Forster Depending on your QoS setup, you could use the -m state --state RELATED and the fwmark patch to mark the packets. Then your QoS filters could be triggered by the fwmark values.
Attachment:
signature.asc
Description: This is a digitally signed message part
