В Вто, 21/07/2009 в 16:21 +0200, Fabio Marcone пишет: > In a post in a forum I see this: > iptables -t mangle -A PREROUTING -m owner --pid-owner <PID of process> - > -j MARK --set-mark 2 > iptables -t mangle -A PREROUTING -j IMQ --todev 0 This rule just tells the kernel to put this packet to imq0 device just after the mangle table is processed, not immediatelly. So it is safe and good practice to place those rules closer to the top. > the second rule is used? so, rule matching in mangle table is not blocking? > > Fabio > > Hi! > > I'm studying how to introduce traffic shaping in a linux router > > (debian). I mark packets in prerouting using mac source to forward > > packets on a selected WAN interface. > > I need to use mangle in PREROUTING to send packects (in input) to a > > imqX interface. > > Is there a conflict between mark and IMQ? > > If so, how it can be solved? > > > > Thanks in advance, > > Fabio Marcone > > -- > > To unsubscribe from this list: send the line "unsubscribe netfilter" in > > the body of a message to majordomo@xxxxxxxxxxxxxxx > > More majordomo info at http://vger.kernel.org/majordomo-info.html > > -- > To unsubscribe from this list: send the line "unsubscribe netfilter" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- Покотиленко Костик <casper@xxxxxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
