From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Nils Lichtenfeld" <Nils.Lichtenfeld@gmx.net>
Date: Wed, 17 Apr 2002 21:25:23 +0000
Subject: Re: [LARTC] A tc htb/iptables rate control script for ADSL
Message-Id: <marc-lartc-101907873905631@msgid-missing>
List-Id: <lartc.vger.kernel.org>
References: <marc-lartc-101900137903338@msgid-missing>
In-Reply-To: <marc-lartc-101900137903338@msgid-missing>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

Hello there!

> I'd also do like this:
> 
> iptables -t mangle -A to-dsl -p tcp --dport 22 -j MARK --set-mark 1
> iptables -t mangle -A to-dsl -p tcp --dport 22 -j RETURN
> 
> iptables -t mangle -A to-dsl -p tcp --dport 80 -j MARK --set-mark 2
> iptables -t mangle -A to-dsl -p tcp --dport 80 -j RETURN
> 
> etc...
> 
> Otherwise iptables will do the whole "to-dsl" list for every packet. In
> your case ot wouldn't matter except for some extra CPU usage. But if you
> would like to mark port 80 as bulk-traffic and ACK's as interactive
> traffic, then those port 80 ACK's could be marked as bulk which you
> wouldn't want it to.

Does this behavior also occure when using ipchains?

Greetings Nils


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/