From mboxrd@z Thu Jan 1 00:00:00 1970
From: Andy Furniss
Date: Mon, 31 Jan 2005 23:39:12 +0000
Subject: Re: [LARTC] simple questions about imq
Message-Id: <41FEC1A0.9040909@dsl.pipex.com>
References: <41FD1304.1080305@sch.bme.hu>
In-Reply-To: <41FD1304.1080305@sch.bme.hu>
To: lartc@vger.kernel.org

Tóth Nándor wrote:
> Hi!
>
> I have read all the information I could find, but some things are still
> not clear.
>
> My setup is:
> ---INTERNET1(eth0)-\    /- Local net1 (eth2)
>                     GW
> ---INTERNET2(eth1)-/    \- Local net2 (eth3)
>
> I have NAT and a working setup using HTB, SFQ, classifying with the
> iptables -j CLASSIFY way. I shape only the traffic coming from the
> internet heading to the intranet.
>
> I would like to have a configuration like this:
> ---INTERNET1(eth0)-\          /- Local net1 (eth2)
>                     GW--imq0
> ---INTERNET2(eth1)-/          \- Local net2 (eth3)
>
> I think it can be done this way:
> iptables -t mangle -A PREROUTING -i eth0 -j IMQ --todev 0
> iptables -t mangle -A PREROUTING -i eth1 -j IMQ --todev 0
>
> But it would include traffic heading to the gateway directly, wouldn't
> it?

Yes - but people often want this.

Can I put these rules to the POSTROUTING chain?
>
> And I can still have my CLASSIFY targets in the POSTROUTING chain,
> because IMQ queuing will happen after it according to
> http://lartc.org/howto/lartc.imq.html.
> So for example:
> $IPTABLES -t mangle -A POSTROUTING -o $eth2 ... -j CLASSIFY --set-class 1:30
> $IPTABLES -t mangle -A POSTROUTING -o $eth3 ... -j CLASSIFY --set-class 1:30
> $IPTABLES -t mangle -A POSTROUTING -o $eth2 ... -j RETURN
> $IPTABLES -t mangle -A POSTROUTING -o $eth3 ... -j RETURN
>
> If I managed to do this, I promise, I will document it to the imq wiki.
>
> Any advice/help is appreciated!
>

You need to jump to imq in postrouting, classify should be done first ok
try and see.

If you only want to shape forwarded traffic you could mark/classify
using -i and -o in forward and then match on mark/class and -j IMQ in
postrouting, it will only really matter if you have shaper to lan
traffic you want to exclude from imq.

I don't see why you are classifying to the same class or need return. If
you have two separate internet links you still need two nonsharing
queues added to the imq device.

Andy.
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc
HOWTO: http://lartc.org/
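
One way to lay out what the reply above describes, as an added example that is not part of the original thread: mark forwarded internet-to-LAN packets in FORWARD using -i and -o, send only marked packets to imq0 from POSTROUTING, and give each internet link its own HTB class directly under the root so the two cannot borrow from each other. The rates, the mark values 1 and 2, the class ids and the `APPLY` switch are assumptions; the interface names and `-j IMQ --todev 0` come from the post.

```shell
#!/bin/sh
# Added example. Prints the rule set by default; run with APPLY=1 as root on a
# kernel that has the IMQ patch to install it. Rates and marks are assumptions.
WAN_IFS="eth0 eth1"     # internet links (from the post)
LAN_IFS="eth2 eth3"     # local nets (from the post)
RATE_eth0=2000kbit      # assumed downstream rate of INTERNET1
RATE_eth1=1000kbit      # assumed downstream rate of INTERNET2

# Execute the command when APPLY=1, otherwise print it for review.
run() { if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi; }

imq_rules() {
    run ip link set imq0 up
    # Root HTB with no default class: anything that reaches imq0 without a
    # matching mark is passed through unshaped.
    run tc qdisc add dev imq0 root handle 1: htb
    n=0
    for wan in $WAN_IFS; do
        n=$((n + 1))
        eval rate=\$RATE_$wan
        # One class per link, parented on the root itself. With no common
        # parent class and ceil equal to rate, the two queues do not share.
        run tc class add dev imq0 parent 1: classid 1:${n}0 htb rate "$rate" ceil "$rate"
        run tc qdisc add dev imq0 parent 1:${n}0 handle ${n}0: sfq perturb 10
        # fw filter: firewall mark n selects class 1:n0.
        run tc filter add dev imq0 parent 1: protocol ip handle $n fw flowid 1:${n}0
        for lan in $LAN_IFS; do
            # Only forwarded internet -> LAN packets get a mark, one per link.
            run iptables -t mangle -A FORWARD -i "$wan" -o "$lan" -j MARK --set-mark $n
        done
        # Gateway-local and LAN-to-LAN traffic carries no mark and skips imq0.
        run iptables -t mangle -A POSTROUTING -m mark --mark $n -j IMQ --todev 0
    done
}

imq_rules
```

Review the printed commands first; marks 1 and 2 must not collide with marks already used for policy routing on the same gateway.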