Hi all, I''m trying to shape ftp traffic. I saw in netstat that when a ftp get is started, a session is established using high ports (above 1024) randomic. So I can''t guess what port will be used. What could be the tc filter parameters for this ? I think marking packet is a way, but I''m using ipchains in the router, wich does not have established parameter. Any sugestion ? Thanks, Luciano Lima =========ELO Internet São Luis - MA - Brazil _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
On Wednesday 04 September 2002 13:46, Luciano Lima wrote:> Hi all, > > I''m trying to shape ftp traffic. I saw in netstat that when a ftp get is > started, a session is established using high ports (above 1024) > randomic. So I can''t guess what port will be used. > What could be the tc filter parameters for this ? > > I think marking packet is a way, but I''m using ipchains in the router, > wich does not have established parameter.The establish parameter will help you neither. But there is a patch for iptables (sorry) so you can mark ftp-data packets. Stef -- stef.coene@docum.org "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.oftc.net _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hello Luciano, Try helper patch from patch-o-matic or use last kernel. I see it in 2.4.20pre4 If you want to match all packets belonging to ftp-sessions: (both ftp-command and ftp-data connections) iptables -t nat -A PREROUTING -m helper --helper ftp -j MARK --set-mark 1 use irc for irc-sessions. You''ll also need the bidirectional irc match for irc matching to work properly. ----------------------------------- mailto:alexey_talikov@texlab.com.uz BR Alexey Talikov FORTEK ----------------------------------- _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/