I think it is better to use an IFB device and shape the upload traffic using source IP before the NAT
http://linux-net.osdl.org/index.php/IFB On 6/13/07, VladSun <[EMAIL PROTECTED]> wrote:
Ethy H. Brito написа: > On Mon, 11 Jun 2007 22:02:31 +0300 > VladSun <[EMAIL PROTECTED]> wrote: > > > >> TC is performed after POSTROUTING, so you can not do any IP related TC >> filtering. You can use CPU friendly patches for iptables like IPMARK or >> IPCLASSIFY. Take a look at them. >> > > Ok. Can someone point me the right direction to add IPMARK kernel support? > > I downloaded patch-o-matic today's snapshot and there is no IPMARK there. > > I have iptables-1.3.7 and kernel 2.6.21.1 sources (distro is slackware 11.0) > > The curious thing is that IPMARK is at iptables man page but I got and > error when I execute it. It says it could not > find /usr/lib/iptables/libipt_IPMARK.so: > > # locate -i IPMARK > # (no output here) > > > Regards. > > Ethy > > _______________________________________________ > LARTC mailing list > LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc > Try "./runme download" in tge PoM directory. It should work if there is defined download URL for IPMARK in the source.list file in the PoM directory. If it doesn't work try to download older version of PoM. That is because netfilter team has refused to include IPMARK in the official versions some time ago. Regards _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
-- Marco Casaroli SapucaiNet Telecom +55 35 34712377 ext 5
_______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
