Erik Hensema
2003-Feb-18 12:46 UTC
[Patch 2.4.21-pre4]: promote netfilter MARK value to sit packets
The attached patch enables the kernel to copy the netfilter MARK values from IPv6 packets to sit (IPv6-in-IPv4 tunnel) packets. It enables you to provide QoS on tunneled IPv6 packets. I haven''t yet completed my scripts yet, but I''ll post a link to the list as soon as it''s ready for testing. For now, you can use something like this: ip6tables -t mangle -A POSTROUTING -o sitX <rules here> -j MARK --set-mark <mark> and on your real outgoing interface to your provider: tc filter add dev <DEV> parent 1:0 protocol ip handle <mark> fw classid <class> or: iptables [...] -p ipv6 -m mark --mark <mark> [...] Please note that this could interfere with existing firewall rules. Please help me test this before I submit it to the linux kernel mailing list for inclusion in the mainstream kernel. -- Erik Hensema (erik@hensema.net)