From mboxrd@z Thu Jan 1 00:00:00 1970 From: =?ISO-8859-2?Q?S=E9bastien_CRAMATTE?= Date: Tue, 09 Jan 2007 09:41:32 +0000 Subject: Re: [LARTC] How can I do traffic shapping for passive ftp ? Message-Id: <45A3634C.2040705@wanadoo.fr> List-Id: References: <45A2A8A5.4010000@wanadoo.fr> In-Reply-To: <45A2A8A5.4010000@wanadoo.fr> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable To: lartc@vger.kernel.org Kajetan Staszkiewicz a =E9crit : > Dnia poniedzia=B3ek, 8 stycznia 2007 21:25, S=E9bastien CRAMATTE napisa= =B3(a):=20 > > =20 >> Hello >> >> I've setuped a bridge with iptables + layer + ipp2p + tc >> I don't know how to shape passive ftp ? >> >> If I put rules on port 20, 21 or using layer 7 iptables accounting >> still empty ... >> When I done a tcpdump I can see that othe port than 20 or 21 are used ... >> =20 > > Use ip_nat_ftp and ip_conntrack_ftp modules. Then mark ftp traffic with h= elper=20 > match. > > example: > iptables -t mangle -A FORWARD -m helper --helper ftp -j MARK --set-mark 0= x03 > > > =20 I haven't specifiy that I don't use NAT. I use this QoS manager for a very small ISP and I can't control ftp server Upgrading Layer7 protocols seems thas is ok ... Regards _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc