[LARTC] IMQ and outgoing traffic.

[LARTC] IMQ and outgoing traffic.

[Leszek A.Szczepanowski]

Hello!
Configuring IMQ for egress traffic, it is not possible
to specify interfaces which we want use to shape.
iptables -t mangle -A POSTROUTING -j IMQ in effect direct
all packets to IMQ pseudo-device, independent from interface
the packet is going to out. How to specify, that we want to
send to IMQ only packet destined to eth0,eth1,eth2, but NOT
to eth3 ? My configuration is:
eth0,eth1,eth2 - local LANs, distributed traffic to various clients
eth3 - main internet connection (ADSL)
So, packets TO eth3 are not destined to IMQ, for them I want
to use separate HTB queue on this interface.
-- 


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] IMQ and outgoing traffic.

[Martin A. Brown]

Leszek,

 : Configuring IMQ for egress traffic, it is not possible
 : to specify interfaces which we want use to shape.

I'm afraid I'll have to disagree!  :)  Try adding the "-o interface" flag
to your iptables command to select based on the output interface.
Instead of:

  iptables -t mangle -A POSTROUTING -j IMQ

Use:

  iptables -t mangle -A POSTROUTING -o eth0 -j IMQ
  iptables -t mangle -A POSTROUTING -o eth1 -j IMQ
  iptables -t mangle -A POSTROUTING -o eth2 -j IMQ

As long as you don't write an iptables command which matches packets
leaving eth3 (and directs them to IMQ), you should have what you desire.

-Martin

-- 
Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] IMQ and outgoing traffic.

[Thomas Jalsovsky]

Hello,

	please keep in mind that there is a BUG in IMQ code so you can't
add ingress and egress packets into the same IMQ device from the same
physical device.
e.g.
iptables -t mangle -A POSTROUTING -o eth0 -j IMQ
iptables -t mangle -A PRETROUTING -i eth0 -j IMQ

You will get kernel panic (I tested it with 2.4.20-ac1 and latest
IMQ/HTB).

Is this problem solved?

	Thomas

On Mon, 27 Jan 2003, Martin A. Brown wrote:

> Leszek,
>
>  : Configuring IMQ for egress traffic, it is not possible
>  : to specify interfaces which we want use to shape.
>
> I'm afraid I'll have to disagree!  :)  Try adding the "-o interface" flag
> to your iptables command to select based on the output interface.
> Instead of:
>
>   iptables -t mangle -A POSTROUTING -j IMQ
>
> Use:
>
>   iptables -t mangle -A POSTROUTING -o eth0 -j IMQ
>   iptables -t mangle -A POSTROUTING -o eth1 -j IMQ
>   iptables -t mangle -A POSTROUTING -o eth2 -j IMQ
>
> As long as you don't write an iptables command which matches packets
> leaving eth3 (and directs them to IMQ), you should have what you desire.
>
> -Martin
>
> --
> Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com
>
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/