From mboxrd@z Thu Jan 1 00:00:00 1970 From: =?ISO-8859-1?Q?T=F3th_N=E1ndor?= Date: Mon, 31 Jan 2005 16:59:24 +0000 Subject: Re: [LARTC] simple questions about imq Message-Id: <41FE63EC.4090806@sch.bme.hu> List-Id: References: <41FD1304.1080305@sch.bme.hu> In-Reply-To: <41FD1304.1080305@sch.bme.hu> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable To: lartc@vger.kernel.org Hi! Andre Correa wrote: >=20 > Cool Toth, please let us know if you make it work. Just take care to=20 > hook IMQ in the right place if you are doing NAT. You can choose to hook = > it after or before NAT. Where can i set it? Can you answer my questions below? I will document these things, if i managed to do it. --=20 Udv, Nandor > T=F3th N=E1ndor wrote: >=20 >> Hi! >> >> I have read all informations i could find, but some things are still=20 >> not clear. >> >> My setup is: >> ---INTERNET1(eth0)-\ /- Local net1 (eth2) >> GW >> ---INTERNET2(eth1)-/ \- Local net2 (eth3) >> >> I have NAT and a working setup using HTB,SFQ, classifying with the=20 >> iptables -j CLASSIFY way. I shape only the traffic coming from the=20 >> internet heading to the intranet. >> >> I would like to have a configuration like this: >> ---INTERNET1(eth0)-\ /- Local net1 (eth2) >> GW--imq0 >> ---INTERNET2(eth1)-/ \- Local net2 (eth3) >> >> I think it can be done this way: >> iptables -t mangle -A PREROUTING -i eth0 -j IMQ --todev 0 >> iptables -t mangle -A PREROUTING -i eth1 -j IMQ --todev 0 >> >> But it would include traffic heading to the gateway directly, wouldn't=20 >> it? Can i put these rules to the POSTROUTING chain? >> >> And i can still have my CLASSIFY targets in the POSTROUTING chain,=20 >> because IMQ queing will happen after it according to=20 >> http://lartc.org/howto/lartc.imq.html. >> So for example: >> $IPTABLES -t mangle -A POSTROUTING -o $eth2 ... -j CLASSIFY=20 >> --set-class 1:30 >> $IPTABLES -t mangle -A POSTROUTING -o $eth3 ... -j CLASSIFY=20 >> --set-class 1:30 >> $IPTABLES -t mangle -A POSTROUTING -o $eth2 ... -j RETURN >> $IPTABLES -t mangle -A POSTROUTING -o $eth3 ... -j RETURN >> >> If i managed to do this, i promise, i will document it to the imq wiki. >> >> Any advice/help is appreciated! >> >=20 _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/