Prasanna Krishnamoorthy wrote: > On Nov 7, 2007 5:37 AM, Tom Eastep <[EMAIL PROTECTED]> wrote: >> Example: >> >> 0x100 192.168.1.44 0.0.0.0/0 >> 0x200 0.0.0.0/0 0.0.0.0/0 tcp 25 >> >> A TCP packet from 192.168.1.44 with destination port 25 would end >> up with a mark value of 0x300 whereas the expected value is 0x200.
> If I add a mark for traffic shaping in this case, prior to the above > two rules, making them look like > > 0x11 192.168.1.44 0.0.0.0/0 > 0x100 192.168.1.44 0.0.0.0/0 > 0x200 0.0.0.0/0 0.0.0.0/0 tcp 25 > > What would be the effect of the patch? Would that mean that the > provider rule over-writes the shaping rule? Or should I be using the > mask? The above is an invalid set of rules. As always, you should apply routing marks in the PREROUTING/OUTPUT chains and traffic shaping marks in the FORWARD and POSTROUTING chains. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users