Re: [plug] iptables nat + tc problem

Sun, 26 Oct 2008 23:28:51 -0700 

   i ended up using HTB instead of CBQ and made an entirely different 
script...that didn't work. You're right, i was attacking the problem at the 
wrong interface. It worked after i changed the interface to eth1. 


   i will give my orig. script another try though....thanks for all the replies 
B)




--- On Sat, 10/25/08, Edel SM <[EMAIL PROTECTED]> wrote:

> From: Edel SM <[EMAIL PROTECTED]>
> Subject: Re: [plug] iptables nat + tc problem
> To: "Philippine Linux Users' Group (PLUG) Technical Discussion List" 
> <[email protected]>
> Date: Saturday, October 25, 2008, 5:16 AM
> hello,
> 
> On Thu, Oct 23, 2008 at 11:09 AM, plug bert
> <[EMAIL PROTECTED]> wrote:
> > SRC=$PLAY_LAN
> > DST=0/0
> > $IPTB -A POSTROUTING -t mangle -s $SRC -d $DST  -j
> MARK --set-mark=$LOW_PRIORITY_QMARK
> >
> 
> try adding:
> $IPTB -A POSTROUTING -t mangle -s $SRC -d $DST  -j RETURN
> 
> right after the first marking. para di na sya
> 'markahan' ng sunod mong
> marker. btw, why not use $PLAY_LAN directly as argument to
> your
> iptables?
> 
> BUT, if you are limiting downstream, the destination (-d)
> should be
> your local subnet. dont forget that your interface should
> be eth1/2
> and not eth0.
> 
> your script will not work because you are limiting the
> traffic the
> worng way (upload).
> 
> >
> > SRC=$WORK_LAN
> > DST=0/0
> > $IPTB -A PREROUTING -t mangle -s $SRC -d $DST -j MARK
> --set-mark=$HI_PRIORITY_QMARK
> >
> >
> 
> same here. although not needed since this is your last
> marking, but
> anyway, for consistency.
> 
> change PREROUTING to POSTROUTING as you are doing it for
> outbound traffic.
> 
> >
> >
> > Does the MARKing get messed up during the NAT process?
> >
> 
> no. separate yung mangle at nat tables.
> 
> > tia
> >
> >
> >
> >
> >
> > _________________________________________________
> > Philippine Linux Users' Group (PLUG) Mailing List
> > http://lists.linux.org.ph/mailman/listinfo/plug
> > Searchable Archives: http://archives.free.net.ph
> >
> 
> 
> thanks.
> 
> 
> -- 
> edel
> _________________________________________________
> Philippine Linux Users' Group (PLUG) Mailing List
> http://lists.linux.org.ph/mailman/listinfo/plug
> Searchable Archives: http://archives.free.net.ph


      
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
http://lists.linux.org.ph/mailman/listinfo/plug
Searchable Archives: http://archives.free.net.ph

Reply via email to