2011-09-08 16:00 keltezéssel, Marco Coda írta:
I just tried it, with rare 1Mbit, bandwidth 2 Mbit and iptables with
--dport 25 and, even if the iptables rule is matched (I can see the
packet count measuring the right size of the mail), tc seems to ignore
iptales rule matched -> that is good !!! :D
those packets. I know that my postfix open a connection to another mta
from a pseudo-random port to 25, but with --dport option tc does not
consider these packets. Instead, with --sport option, I don't know
why, something is filtered...
Do you see the connection in conntrack??? With the mark=1 value???
Maybe you are trying to set the whole tc on the wrong interface ?!? (As
I mentioned before: You can shape the leaving traffic... On the
interface that is used for the connection...)
- If you set your upload limit to 10kbit then you can send 1,25KByte per
sec. (It is veeerrryy slooow.)
In this moment I set this speed so I can test the server with small
attachments... When the script will be definitively complete,I'll set
the real values..
Maybe too low values would disable the tc?!? (I am really not sure about
it... :D )
2011/9/8 Nikolay Kichukov<hijacker@xxxxxxxxx>:
tc does not require iptables to shape traffic at all. So why bothering?
Yes, it can be done without iptables... But filtering in iptables
"maybe" easier than in tc...
Currently it does not work at all... :(
Swifty
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
