Hello! Configuring IMQ for egress traffic, it is not possible to specify interfaces which we want use to shape. iptables -t mangle -A POSTROUTING -j IMQ in effect direct all packets to IMQ pseudo-device, independent from interface the packet is going to out. How to specify, that we want to send to IMQ only packet destined to eth0,eth1,eth2, but NOT to eth3 ? My configuration is: eth0,eth1,eth2 - local LANs, distributed traffic to various clients eth3 - main internet connection (ADSL) So, packets TO eth3 are not destined to IMQ, for them I want to use separate HTB queue on this interface. -- _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Leszek, : Configuring IMQ for egress traffic, it is not possible : to specify interfaces which we want use to shape. I''m afraid I''ll have to disagree! :) Try adding the "-o interface" flag to your iptables command to select based on the output interface. Instead of: iptables -t mangle -A POSTROUTING -j IMQ Use: iptables -t mangle -A POSTROUTING -o eth0 -j IMQ iptables -t mangle -A POSTROUTING -o eth1 -j IMQ iptables -t mangle -A POSTROUTING -o eth2 -j IMQ As long as you don''t write an iptables command which matches packets leaving eth3 (and directs them to IMQ), you should have what you desire. -Martin -- Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hello, please keep in mind that there is a BUG in IMQ code so you can''t add ingress and egress packets into the same IMQ device from the same physical device. e.g. iptables -t mangle -A POSTROUTING -o eth0 -j IMQ iptables -t mangle -A PRETROUTING -i eth0 -j IMQ You will get kernel panic (I tested it with 2.4.20-ac1 and latest IMQ/HTB). Is this problem solved? Thomas On Mon, 27 Jan 2003, Martin A. Brown wrote:> Leszek, > > : Configuring IMQ for egress traffic, it is not possible > : to specify interfaces which we want use to shape. > > I''m afraid I''ll have to disagree! :) Try adding the "-o interface" flag > to your iptables command to select based on the output interface. > Instead of: > > iptables -t mangle -A POSTROUTING -j IMQ > > Use: > > iptables -t mangle -A POSTROUTING -o eth0 -j IMQ > iptables -t mangle -A POSTROUTING -o eth1 -j IMQ > iptables -t mangle -A POSTROUTING -o eth2 -j IMQ > > As long as you don''t write an iptables command which matches packets > leaving eth3 (and directs them to IMQ), you should have what you desire. > > -Martin > > -- > Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ >_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/