From mboxrd@z Thu Jan 1 00:00:00 1970 From: Mike Fedyk Date: Mon, 09 Jul 2001 17:37:53 +0000 Subject: Re: [LARTC] How to recognize a IPSEC packet ? Message-Id: List-Id: References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org On Mon, Jul 09, 2001 at 04:30:37PM +0200, Franck BALAZOT wrote: > Hi all, > > I want to make bandwidth management with CBQ (iproute2) > There is no problem to manage service like FTP, HTTP,... > We have an IPSEC VPN here, and I don't know how to reconignize IPSEC > packets to manage the VPN bandwith. > Is there a special port or something in the IP packet header that tells > "here is an IPSEC packet" ? > Yep, ipsec normally uses IP Protocol 50 or 51 depending on other factors... These numbers aren't ports, but protocols on the same level of tcp and udp. ipchains -A input -m 1 -p 50 (or some such...) Mike _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/