On Sun, 11 Feb 2007 14:15:49 +0100, Alejandro Lorenzo Gallego wrote > [cut] > > $IPTABLES -F POSTROUTING > > $ANADIR -p tcp --sport 443 -j CLASSIFY --set-class 1:100 > $ANADIR -p tcp --sport 22 -j CLASSIFY --set-class 1:100 > $ANADIR -p tcp --sport 53 -j CLASSIFY --set-class 1:100 > $ANADIR -p tcp --sport 8080 -j CLASSIFY --set-class 1:100 > $ANADIR -p tcp --sport 587 -j CLASSIFY --set-class 1:200 > $ANADIR -p tcp --sport 6667 -j CLASSIFY --set-class 1:300 > $ANADIR -p tcp --sport 1863 -j CLASSIFY --set-class 1:300 > $ANADIR -p tcp --sport 123 -j CLASSIFY --set-class 1:200 > $ANADIR -p udp --sport 123 -j CLASSIFY --set-class 1:200 > $ANADIR -p tcp --sport 115 -j CLASSIFY --set-class 1:200 > $ANADIR -p tcp --sport 69 -j CLASSIFY --set-class 1:200 > $ANADIR -p tcp --sport 23 -j CLASSIFY --set-class 1:200 > $ANADIR -p tcp --sport 5223 -j CLASSIFY --set-class 1:300 > $ANADIR -p tcp --sport 10025 -j CLASSIFY --set-class 1:200 > $ANADIR -p tcp --sport 3690 -j CLASSIFY --set-class 1:200 > $ANADIR -p tcp --sport 3306 -j CLASSIFY --set-class 1:200 > $ANADIR -p tcp --sport 143 -j CLASSIFY --set-class 1:200 > $ANADIR -p tcp --sport 995 -j CLASSIFY --set-class 1:200 > $ANADIR -p tcp --sport 990 -j CLASSIFY --set-class 1:200 > $ANADIR -p tcp --sport 110 -j CLASSIFY --set-class 1:200 > $ANADIR -p tcp --sport 993 -j CLASSIFY --set-class 1:200 > $ANADIR -p tcp --sport 220 -j CLASSIFY --set-class 1:200 > #$ANADIR -d 192.168.20.49 -j CLASSIFY --set-class 1:700 > > [cut]
Have u tried to replace CLASSIFY target by MARK target and then using fw filter? I have got bad experience with CLASSIFY target. Bests, Tomasz Chilinski. _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
