[LARTC] Iptables matching on IFB

2006-12-06 Thread FB
ent this in MS. > >Cheers, >Unki So, does anyone of you know if iptables matching is possible on an IFB interface? I would try it myself but sadly I can't experiment with my router currently :-( Thanks in advance for any help -FB ___ LARTC m

Re: [LARTC] Layer 7 packet classifier doesn't recognize packets sent by the router itself

2005-01-24 Thread FB
the router). Any ideas how to accomplish that? -FB George Alexandru Dragoi wrote: Try this iptables -t mangle -N local iptablts -t mangle -A INPUT -i $INET_IFACE -j local iptables -t mangle -A OUTPUT -o $INET_IFACE -j local iptables -t mangle -A local -p tcp -m layer7 --l7proto http -j DROP I only

[LARTC] Layer 7 packet classifier doesn't recognize packets sent by the router itself

2005-01-22 Thread FB
tocol, same thing. Anyone has an idea why this is happening? Thanks in advance. -FB ___ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] Layer 7 netfilter not working

2004-07-12 Thread FB
layer7 --l7proto ftp -j MARK --set-mark 322 Any suggestion how to modify it? (-A INPUT doesn't work, no shaping anymore at all, when I put this) -FB ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO:

Re: [LARTC] Layer 7 netfilter not working

2004-07-12 Thread FB
ction over the router (from a computer inside the lan) the connection is shaped perfectly (with layer7). So my question: Why do the layer7 rules only work with connections over the router but not from the router itself? -FB ___ LARTC mailing list / [

[LARTC] Re: layer 7 netfilter not working

2004-07-09 Thread FB
kript here, so I uploaded it here: http://www.flintz.de/shaping.txt Would be really nice if someone could search the script for any mistakes! -FB ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] Layer 7 netfilter not working

2004-07-09 Thread FB
`man iptables` "REJECT This is used to send back an error packet in response to the matched packet: otherwise it is equivalent to DROP so it is a terminating TARGET, ending rule traversal. This target is only valid in the INPUT, FORWARD and OUTPUT chains, and userdefined chains which are only

Re: [LARTC] Layer 7 netfilter not working

2004-07-09 Thread FB
e it (as written in the howto under "blocking") to: iptables -t mangle -A POSTROUTING -m layer7 --l7proto http -j REJECT I get an "iptables: Invalid Argument" when executing the script, how that? (I must admit that I am not that iptable expe

[LARTC] Layer 7 netfilter not working

2004-07-09 Thread FB
oing any higher). Any help is really appreciated! -FB ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/