On Monday 02 June 2003 17:59, Rajesh Srivastava wrote:
> Hi,
>
> Fw marking using IP Tables does not work on an Ethernet bridge. Is it
> possible to set up the mark using iptables so that the packet can be
> directly routed to a predefined class using a mark value?
>
> The advantage of this would be the one can use conntrack etc. to track
> connections and forward the packets to the correct class.
>
> Example:
>
> tc qdisc del dev eth0 root
> tc qdisc add dev eth0 root handle 1: htb default 10
>
> tc class add dev eth0 parent 1: classid 1:1 htb rate 512kbit ceil 512kbit
> tc class add dev eth0 parent 1:1 classid 1:10 htb rate 128kbit ceil 256kbit
> tc class add dev eth0 parent 1:1 classid 1:22 htb rate 64kbit ceil 256kbit
> prio 3
> tc class add dev eth0 parent 1:1 classid 1:80 htb rate 64kbit ceil 128kbit
> prio 3
>
> # traditional method of classifying traffic into flowids
>
> tc filter add dev eth0 parent 1:1 protocol ip prio 3 u32 match ip sport 22
> 0x flowid 1:22
> tc filter add dev eth0 parent 1:3 protocol ip prio 3 u32 match ip sport 80
> 0x flowid 1:80
>
> ---
>
> What I want to achieve is as follows
>
> #set predefined marks
> iptables -t mangle -A PREROUTING -i eth0 -p tcp --sport 22 -m state --state
> ESTABLISHED -j MARK --set-mark 22
> iptables -t mangle -A PREROUTING -i eth0 -p tcp --sport 80 -m state
> --state ESTABLISHED -j MARK --set-mark 80
>
> Now I want to be able to forward packets marked 22 to class 1:22 and those
> marked 80 sent to class 1:80 without using the tc fw filter ( as it does
> not work on bridges ).
>
> Any help or pointers shall be highly appreciated.
You can use ebtales on a bridge. I think it has the same syntax/features as
iptables.
Stef
--
[EMAIL PROTECTED]
"Using Linux as bandwidth manager"
http://www.docum.org/
#lartc @ irc.oftc.net
___
LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
