Re: [Shorewall-users] Help with Shorewall Traffic Shaping

2013-11-12 Thread JC Putter
thanks answered my on question by just using the ftp helper no src or dst port. now ftp traffic gets marked. On Wed, Nov 13, 2013 at 1:19 AM, JC Putter wrote: > Tom or anyone > > Last question. > > i have a tcrule to limit ftp as well now and i am using the ftp helper > however i am not seeing

Re: [Shorewall-users] Help with Shorewall Traffic Shaping

2013-11-12 Thread JC Putter
Tom or anyone Last question. i have a tcrule to limit ftp as well now and i am using the ftp helper however i am not seeing any hits on the rule. any ideas why? 80 and 443 work 100% now.. see attached On Tue, Nov 12, 2013 at 7:58 PM, JC Putter wrote: > Tom, > > Thank you very much! got it wor

Re: [Shorewall-users] Help with Shorewall Traffic Shaping

2013-11-12 Thread JC Putter
Tom, Thank you very much! got it working, after re-reading shorewall.conf man FORWARD_CLEAR_MARK was not set (which if i understand the man correctly it defaults to YES?) after changing it to No, it seems to work now! On Tue, Nov 12, 2013 at 7:10 PM, Tom Eastep wrote: > On 11/12/2013 8:24 AM,

Re: [Shorewall-users] Help with Shorewall Traffic Shaping

2013-11-12 Thread Tom Eastep
On 11/12/2013 8:24 AM, JC Putter wrote: > attached the shorewall dump. > > MARK_IN_FORWARD_CHAIN=No > As I explained in the last email, it is *never* going to work with MARK_IN_FORWARD_CHAIN=No and FORWARD_CLEAR_MARK=Yes. You must change the setting of one or the other or you must do your markin

Re: [Shorewall-users] Help with Shorewall Traffic Shaping

2013-11-12 Thread JC Putter
attached the shorewall dump. MARK_IN_FORWARD_CHAIN=No many thanks On Tue, Nov 12, 2013 at 6:07 PM, Tom Eastep wrote: > On 11/12/2013 7:47 AM, JC Putter wrote: > > Tom, > > > > Thank you for you reply. Please accept my apologies for the email format. > > > > Here is my config now, i have MARK

Re: [Shorewall-users] Help with Shorewall Traffic Shaping

2013-11-12 Thread Tom Eastep
On 11/12/2013 7:47 AM, JC Putter wrote: > Tom, > > Thank you for you reply. Please accept my apologies for the email format. > > Here is my config now, i have MARK_IN_FORWARD_CHAIN=No > > > LAN=eth0 > WAN=eth2 > > so traffic now goes to the default class which is good however seems > like my

Re: [Shorewall-users] Help with Shorewall Traffic Shaping

2013-11-12 Thread JC Putter
Tom, Thank you for you reply. Please accept my apologies for the email format. Here is my config now, i have MARK_IN_FORWARD_CHAIN=No LAN=eth0 WAN=eth2 so traffic now goes to the default class which is good however seems like my marking isn't working because as shown in tcrules, i've mark tho

Re: [Shorewall-users] Help with Shorewall Traffic Shaping

2013-11-11 Thread Tom Eastep
On 11/11/2013 4:57 AM, JC Putter wrote: > Hi, > > anyone that can maybe assist? > > Thanks > > > On Sun, Nov 10, 2013 at 9:39 AM, JC Putter > wrote: > > Hi, > > i am using shorewall 4.5.21.3 on CentOS 6.4. i have a two interface > firewall, one wan and

Re: [Shorewall-users] Help with Shorewall Traffic Shaping

2013-11-11 Thread JC Putter
Hi, anyone that can maybe assist? Thanks On Sun, Nov 10, 2013 at 9:39 AM, JC Putter wrote: > Hi, > > i am using shorewall 4.5.21.3 on CentOS 6.4. i have a two interface > firewall, one wan and the another lan. > > the firewall is doing masquerading for the lan, i am trying to setup some > QoS

[Shorewall-users] Help with Shorewall Traffic Shaping

2013-11-09 Thread JC Putter
Hi, i am using shorewall 4.5.21.3 on CentOS 6.4. i have a two interface firewall, one wan and the another lan. the firewall is doing masquerading for the lan, i am trying to setup some QoS policies however finding it difficult to work. Also i need some advise and better explanation, according to