Amplifying on my last post, the most recent documentation suggests the following example (slightly modified for my situation), but will not load:
# version from http://www.shorewall.net/IPP2P.html (does not load) #RESTORE:F - - tcp #CONTINUE:F - - tcp - - - !0 #1:F - - ipp2p ipp2p #SAVE:F - - tcp - - - 1 #1:50 - eth0 - - - - 1 #1:50 - eth1 - - - - 1 I get the following error: iptables: Unknown error -1 ERROR: Command "/sbin/iptables -t mangle -A tcpost -m mark --mark 1/255 -o eth0 -j CLASSIFY --set-class 1:50" Failed If I modify it ever so slightly, it will load, but doesn't classify traffic properly: # modified version from http://www.shorewall.net/IPP2P.html (loads OK) RESTORE:F - - tcp CONTINUE:F - - tcp - - - !0 1:F - - ipp2p ipp2p SAVE:F - - tcp - - - 1 50:F - eth0 - - - - 1 50:F - eth1 - - - - 1 i.e. I've taken the 1:50 and removed the 1: so something is going on there... I'm probably not understanding the examples properly at this point. All I want is for all p2p traffic to be marked class 50. -- Bob ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
