hello, On Thu, Oct 23, 2008 at 11:09 AM, plug bert <[EMAIL PROTECTED]> wrote: > SRC=$PLAY_LAN > DST=0/0 > $IPTB -A POSTROUTING -t mangle -s $SRC -d $DST -j MARK > --set-mark=$LOW_PRIORITY_QMARK >
try adding: $IPTB -A POSTROUTING -t mangle -s $SRC -d $DST -j RETURN right after the first marking. para di na sya 'markahan' ng sunod mong marker. btw, why not use $PLAY_LAN directly as argument to your iptables? BUT, if you are limiting downstream, the destination (-d) should be your local subnet. dont forget that your interface should be eth1/2 and not eth0. your script will not work because you are limiting the traffic the worng way (upload). > > SRC=$WORK_LAN > DST=0/0 > $IPTB -A PREROUTING -t mangle -s $SRC -d $DST -j MARK > --set-mark=$HI_PRIORITY_QMARK > > same here. although not needed since this is your last marking, but anyway, for consistency. change PREROUTING to POSTROUTING as you are doing it for outbound traffic. > > > Does the MARKing get messed up during the NAT process? > no. separate yung mangle at nat tables. > tia > > > > > > _________________________________________________ > Philippine Linux Users' Group (PLUG) Mailing List > http://lists.linux.org.ph/mailman/listinfo/plug > Searchable Archives: http://archives.free.net.ph > thanks. -- edel _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
