* [LARTC] Re: layer 7 netfilter not working
@ 2004-07-09 23:12 FB
0 siblings, 0 replies; only message in thread
From: FB @ 2004-07-09 23:12 UTC (permalink / raw)
To: lartc
> I wouldn't bet the layer7 match works in table filter. You could try
>
> $IPTABLES -t mangle -A POSTROUTING -m layer7 --l7dir /etc/l7-protocols
> --l7proto ftp -j LOG --log-prefix 'marked: '
>
> and watch your logs. Um, and /etc/l7-protocols does contain your pattern
> definitions, right?
Yes there are my definition. And your idea with the logging was great, I
did it and guess what, the packets showed up in /var/log/syslog, so I
guess the layer7 classifier is working, but now I wonder why it still
doesn't shape (and remember DROP didn't work either, but there I am not
sure if it wasn't a configure mistake by me).
I changed the line back to:
$IPTABLES -t mangle -A POSTROUTING -m layer7 --l7dir /etc/l7-protocols
--l7proto ftp -j MARK --set-mark 322
But the shaping still doesn't work. I didn't want to terrorize you all
by posting my whole shapingskript here, so I uploaded it here:
http://www.flintz.de/shaping.txt
Would be really nice if someone could search the script for any mistakes!
-FB
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2004-07-09 23:12 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-07-09 23:12 [LARTC] Re: layer 7 netfilter not working FB
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.