Hi,

Fw marking using IP Tables does not work on an Ethernet bridge. Is it
possible to set up the mark using iptables so that the packet can be
directly routed to a predefined class using a mark value?

The advantage of this would be that one can use conntrack etc. to track
connections and forward the packets to the correct class.

Example:

tc qdisc del dev eth0 root
tc qdisc add dev eth0 root handle 1: htb default 10

tc class add dev eth0 parent 1: classid 1:1 htb rate 512kbit ceil 512kbit
tc class add dev eth0 parent 1:1 classid 1:10 htb rate 128kbit ceil 256kbit
tc class add dev eth0 parent 1:1 classid 1:22 htb rate 64kbit ceil 256kbit prio 3
tc class add dev eth0 parent 1:1 classid 1:80 htb rate 64kbit ceil 128kbit prio 3

# traditional method of classifying traffic into flowids

# filters are attached to the root qdisc (1:); class 1:3 does not exist
tc filter add dev eth0 parent 1: protocol ip prio 3 u32 match ip sport 22 0xffff flowid 1:22
tc filter add dev eth0 parent 1: protocol ip prio 3 u32 match ip sport 80 0xffff flowid 1:80

-------

What I want to achieve is as follows

# set predefined marks
iptables -t mangle -A PREROUTING -i eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j MARK --set-mark 22
iptables -t mangle -A PREROUTING -i eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j MARK --set-mark 80

Now I want to be able to forward packets marked 22 to class 1:22 and those
marked 80 to class 1:80 without using the tc fw filter (as it does not
work on bridges).

Any help or pointers shall be highly appreciated.

Thanks

Rajesh
