On Tue, 2004-11-30 at 00:12 -0200, [EMAIL PROTECTED] wrote: > Hi.... > > Help me please!!! > > I am using Linux Redhat as router of the my network. I am to making NAT and > firewall. > > In my iptables script, I need make 3 MARKs for the same packet, as following > > # It marks the packets that will go for link ADSL (I have 2 links - adsl 2Mb > and 'dedicate link' 256Mb ) > # I am using 'ip rule / ip route' to make this > iptables -t mangle -A PREROUTING -p tcp --dport 21 -j MARK --set-mark 2000 > iptables -t mangle -A PREROUTING -p tcp --dport 20 -j MARK --set-mark 2000 > > # It marks the packets that will be shapped ( upload with cbq ) > iptables -t mangle -A PREROUTING -m mac 00:11:22:33:44:55 -j MARK --set-mark > 501 > .... > iptables -t mangle -A PREROUTING -m mac aa:bb:cc:dd:ee:ff -j MARK --set-mark > 631 > ###. I have 130 hosts in my network > > > # It marks the packages that priority has ( with 'tc prio' command) > iptables -t mangle -A PREROUTING -p tcp --dport 22 -j MARK --set-mark 100 > iptables -t mangle -A PREROUTING -p tcp --dport 23 -j MARK --set-mark 100 > iptables -t mangle -A PREROUTING -p udp --dport 27000:27015 -j MARK > --set-mark 110 > > > > But only last mark does function
I have just this hour started looking at marking packets, so my information could be wrong, but I believe that --set-mark <n> where n is an integer from 1-255. You cannot use values greater than 255. b.
signature.asc
Description: This is a digitally signed message part
