From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andy Furniss Date: Thu, 28 Apr 2005 19:25:41 +0000 Subject: Re: [LARTC] do I need to iptables mark in this scenario? Message-Id: <427138B5.9080103@dsl.pipex.com> List-Id: References: <1114612565.6651.13.camel@callisto> In-Reply-To: <1114612565.6651.13.camel@callisto> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org Ron McKown wrote: > Hi Andy, > I've followed your advice and it works brilliant. However, I did fail > to mention something else which is causing a problem: > > Internet - eth0 - eth1 users (192.168.x.x) > local net- eth2 (10.0.x.x) > > There is another interface in this router (eth2) that should not be > shaped at all (it goes to another local network). > > My problem is, I can shape Internet traffic going to user on eth1 > (down), and user traffic going to Internet on eth0 (up). > However, if the downspeed is being shaped on the eth1, that means that > customers wanting something from eth2 will also be shaped. > > I thought maybe I could only mark packets with a destination to eth0, > which means packets going to eth2 would be left untouched, but that > doesn't appear to work, or maybe I'm making a mistake. > > here's my marking rule: > iptables -t mangle -A POSTROUTING --src 192.168.0.84 -o eth0 -j MARK -- > set-mark 34 I would change marking to FORWARD you can use -i and -o then so for upload from eth1 to internet. iptables -t mangle -A FORWARD -i eth1 -o eth0 -j MARK -- set-mark 34 and download iptables -t mangle -A FORWARD -i eth0 -o eth1 -j MARK -- set-mark 34 > > and here's the cbq rules (should I be using HTB for this??) I always use htb because it's what I am used to - I never really played around with CBQ so can't say it's better or worse. When I first read LARTC it said HTB was easier - so that's what I used. Andy. _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc