From mboxrd@z Thu Jan 1 00:00:00 1970 From: schmurtz@netcourrier.com Date: Thu, 05 Jun 2003 11:13:34 +0000 Subject: Re: [LARTC] IMQ / how to put incoming traffic to the gateway and to Message-Id: List-Id: References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org schmurtz@netcourrier.com writes: Hi again I'm not sure I made myself clear. Before using IMQ I was using ingress on ppp0 and egress on eth0 to police incoming traffic to the LAN. Now i'm using IMQ. I would like to do something like that: iptables -t mangle -A PREROUTING -j IMQ -i ppp0 iptables -t mangle -A FORWARD -i ppp0 -o eth0 -j MARK --set-mark 0x10 iptables -t mangle -A POSTROUTING -o eth0 -m mark --mark 0x10 -j IMQ but it's wrong, incoming traffic to my LAN is being queued twice to imq. Here is a simple example of what I would like to do: 2 htb classes bounded to imq0 (classid 1:10 and 1:20), i'd like to put incoming traffic destinated to the gateway in 1:10. And incoming traffic destinated to the NATed LAN in 1:20. Is there a way to correctly do that ? Is there anybody who understands me ? :-) > My setup is: > LAN --(eth0)-- GW/FW --(ppp0)-- Internet > How to distinguish incoming traffic to the gateway from the traffic to the LAN ? > I'm using 'iptables -t mangle -A PREROUTING -j IMQ -i ppp0' to send incoming traffic to imq0 > Now I would like to put incoming traffic to the gateway and incoming traffic to the lan in two different classes. > I tried 'iptables -t mangle -A POSTROUTING -o eth0 -m mark --mark 0x1 -j IMQ' and 'iptables -t mangle -A FORWARD -i ppp0 -o eth0 -j MARK --set-mark 0x1' > But it's wrong because the incoming traffic to the LAN goes twice to imq0. > Is there a way to do that correctly ? -- _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/