From: "Brian J. Murrell" <brian@interlinx.bc.ca>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] iptables & tc - 3 marks
Date: Sun, 19 Dec 2004 19:32:47 +0000 [thread overview]
Message-ID: <1103484767.14502.143.camel@pc> (raw)
In-Reply-To: <20041130021236.1797.qmail@hm101.locaweb.com.br>
[-- Attachment #1: Type: text/plain, Size: 1478 bytes --]
On Tue, 2004-11-30 at 00:12 -0200, mah@rapidnet.com.br wrote:
> Hi....
>
> Help me please!!!
>
> I am using Linux Redhat as router of the my network. I am to making NAT and firewall.
>
> In my iptables script, I need make 3 MARKs for the same packet, as following
>
> # It marks the packets that will go for link ADSL (I have 2 links - adsl 2Mb and 'dedicate link' 256Mb )
> # I am using 'ip rule / ip route' to make this
> iptables -t mangle -A PREROUTING -p tcp --dport 21 -j MARK --set-mark 2000
> iptables -t mangle -A PREROUTING -p tcp --dport 20 -j MARK --set-mark 2000
>
> # It marks the packets that will be shapped ( upload with cbq )
> iptables -t mangle -A PREROUTING -m mac 00:11:22:33:44:55 -j MARK --set-mark 501
> ....
> iptables -t mangle -A PREROUTING -m mac aa:bb:cc:dd:ee:ff -j MARK --set-mark 631
> ###. I have 130 hosts in my network
>
>
> # It marks the packages that priority has ( with 'tc prio' command)
> iptables -t mangle -A PREROUTING -p tcp --dport 22 -j MARK --set-mark 100
> iptables -t mangle -A PREROUTING -p tcp --dport 23 -j MARK --set-mark 100
> iptables -t mangle -A PREROUTING -p udp --dport 27000:27015 -j MARK --set-mark 110
>
>
>
> But only last mark does function
I have just this hour started looking at marking packets, so my
information could be wrong, but I believe that --set-mark <n> where n is
an integer from 1-255. You cannot use values greater than 255.
b.
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
next prev parent reply other threads:[~2004-12-19 19:32 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-11-30 2:12 [LARTC] iptables & tc - 3 marks mah
2004-12-19 19:32 ` Brian J. Murrell [this message]
2004-12-20 15:32 ` Lluis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1103484767.14502.143.camel@pc \
--to=brian@interlinx.bc.ca \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.