From: Daniel Ortiz <d.ortiz@in.ilimit.es>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] HTB question (problem with tc filter + NAT)
Date: Mon, 02 Jun 2003 10:43:13 +0000 [thread overview]
Message-ID: <marc-lartc-105455069118340@msgid-missing> (raw)
In-Reply-To: <marc-lartc-105455023717922@msgid-missing>
[-- Attachment #1: Type: text/plain, Size: 1756 bytes --]
On Mon, Jun 02, 2003 at 01:35:31PM +0300, TeraHz wrote:
> I wan to share internet to these 12 PCs. But my traffic control is not
> working. I'm using IP Masquerading to route internet to the LAN
>
> eth0 - LAN interface
> eth1 - Internet interface
>
> this is my firs htb script:
> #!/bin/bash
> tc qdisc del dev eth1 root handle 1:
>
> tc qdisc add dev eth1 root handle 1: htb default 30
>
> tc class add dev eth1 parent 1: classid 1:1 htb rate 25kbps ceil 48kbps
> #tc class add dev eth0 parent 1:1 classid 1:10 htb rate 4kbps ceil 48kbps
> tc class add dev eth1 parent 1:1 classid 1:10 htb rate 4kbps ceil 48kbps
...
>
> I tryed to change the parent ID, the Interface -> nothing
>
> Stef told me that this is not working because of the NAT
>
> so I've changed the filter part:
>
>
> tc filter add dev eth1 parent 1:0 protocol ip handle 10 fw classid 1:1
> tc filter add dev eth1 parent 1:0 protocol ip handle 11 fw classid 1:12
...
> iptables -A FORWARD -i eth0 -t mangle -p tcp -s 192.168.139.33 -j MARK --
> set-mark 33
> iptables -A FORWARD -i eth0 -t mangle -p tcp -s 192.168.139.34 -j MARK --
> set-mark 34
>
> I thing that this is wright but no!
> I've changed FORWARD with OUTUP. I tryed without specifying Interface ->
> still nothing.
>
> What is wrong?
> there is no filtration at all! Every packet is forwarded to the root
> class! You can guess what happens when someone from the LAN starts to
> dowload!
>
> My router box is: Slackware 9.0 (2.4.20 kernel)
>
>
> Thank you
>
Try with PREROUTING.
--
BSD ownz me
--
Daniel Ortiz
d.ortiz@in.ilimit.es
ILIMIT Comunicacions
Departament Sistemes
http://www.ilimit.es
Tel: (+34) 93 733 33 75
Fax: (+34) 93 733 32 43
[-- Attachment #2: Type: application/pgp-signature, Size: 187 bytes --]
next prev parent reply other threads:[~2003-06-02 10:43 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-06-02 10:35 [LARTC] HTB question (problem with tc filter + NAT) TeraHz
2003-06-02 10:43 ` Daniel Ortiz [this message]
2003-06-02 16:29 ` Stef Coene
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-105455069118340@msgid-missing \
--to=d.ortiz@in.ilimit.es \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.