Hello Sir,
I want some help from you. I have my configuration like this. I
have three machines. PC1,PC2,PC3.
hub hub
PC1--------------------PC2-----------------------PC3
eth0 eth0,eth1 eth0
I want to work my configuration like diffserv. I am generating
traffic from PC3 and sending it to PC1 via PC2(as a router)and
from PC2 to PC1 also. So i have two kinds of traffic. I want to
do these things:
1. Mark the packets going out from PC3 towards PC1 via PC2.
2. I have my rules and filters with tc in PC2. Means i want to
contol the traffic from PC2. Based on the mark which i put on the
traffic going out from PC3 i want to put the traffic in
different-differnt classes. Means i want to filter the traffic
based on the mark on traffic. It would be helpful if i am able to
mark the TOS bits so that i can see it in tcdump or ethereal.
3. Traffic going out from PC2 and generated by PC2 itself should
have different differnt mark so that the traffic can be filtered
based on the mark.
Please suggest sthing related to this.
Waiting for your reply.
Anish Mehta.
ENST-Bretagne.
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
On Thursday, 05 September 2002, at 16:57:53 -0000, anish_46628 wrote:> 3. Traffic going out from PC2 and generated by PC2 itself should > have different differnt mark so that the traffic can be filtered > based on the mark. >With linux kernel 2.4.x, packets go through different sets of rules when "traversing" the box. A packet in transit will enter PREROUTING, pass on to FORWARD and finally to POSTROUTING just before being queued to be sent out on the physical interface. On the other hand, locally generated packets go first to OUTPUT and afterwards to POSTROUTING. Compare this to kernels 2.2.x when an in-transit packet would be seen at input, forward and output. There is an _excelent_ reference on iptables you should check to get the details of what you can do and how: http://people.unix-fu.org/andreasson/iptables-tutorial/iptables-tutorial.html -- Jose Luis Domingo Lopez Linux Registered User #189436 Debian Linux Woody (Linux 2.4.19-pre6aa1) _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Oskar Andreasson
2002-Sep-07 11:19 UTC
iptables tutorial moved (was Re: Requset regarding packet marking.)
Sorry to nitpick, but the tutorial actually moved some time ago. There was simply too much troubles with hosting, so I finally got a domain of my own (frozentux.net), and the tutorial is available at http://iptables-tutorial.frozentux.net, hosted by haringstad.com which looks really really good so far. Of course, if they would go down, i will always be able to move the DNS to somewhere else in the future instead... Anyways, just to let everyone know. I got some other things under development as well right now, hence the iptables stuff is pretty much at a "featurefreeze". Have a nice day! ---- Oskar Andreasson http://iptables-tutorial.haringstad.com http://people.unix-fu.org/andreasson/ mailto:blueflux@koffein.net On Fri, 6 Sep 2002, Jose Luis Domingo Lopez wrote:> On Thursday, 05 September 2002, at 16:57:53 -0000, > anish_46628 wrote: > > > 3. Traffic going out from PC2 and generated by PC2 itself should > > have different differnt mark so that the traffic can be filtered > > based on the mark. > > > With linux kernel 2.4.x, packets go through different sets of rules when > "traversing" the box. A packet in transit will enter PREROUTING, pass on > to FORWARD and finally to POSTROUTING just before being queued to be > sent out on the physical interface. On the other hand, locally generated > packets go first to OUTPUT and afterwards to POSTROUTING. Compare this > to kernels 2.2.x when an in-transit packet would be seen at input, forward > and output. > > There is an _excelent_ reference on iptables you should check to get the > details of what you can do and how: > http://people.unix-fu.org/andreasson/iptables-tutorial/iptables-tutorial.html > >_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/