On Wed, 11 Jul 2007, wrote: > I would like to bring up the question, if there is a way to associate a > nfmark with a socket. It would be very helpful as it saves the matching > against iptables rules which would have to than match the packet and > associate the nfmark. > > The same question was already posted here: > http://lists.netfilter.org/pipermail/netfilter/2002-October/039074.html i ended up using IPTOS to do what i wanted... it can't handle nearly as many cases, but i ended up just burning a few extra IP addresses to get all the traffic shaping classes i needed. i wrote a mod_iptos for apache so it could set IPTOS appropriately depending on response size, or vhost or whatever. http://arctic.org/~dean/mod_iptos/ i haven't ported it to apache 2.x yet. -dean
