thr3ads.net - LARTC - Mark all traffic except browsing [Jul 2005]

If this information is useful, please help other people find it:
Share via:

Eduardo Bejar

2005-Jul-06 16:31 UTC

Mark all traffic except browsing

Hi,

I´d like to create two classes for HTB, one of them to limit traffic for
everything except browsing and the other to limit traffic only for browsing.
How can I mark all traffic except the one related to browsing with iptables?

Currently I mark all traffic related to one IP with:

iptables -A PREROUTING -i eth2 -t mangle -p tcp -s $IP_ADDRESS -j MARK
--set-mark 10

Should I use three rules for my purpose?

iptables -A PREROUTING -i eth2 -t mangle -p tcp -s $IP_ADDRESS --dport 1:79
-j MARK --set-mark 10
iptables -A PREROUTING -i eth2 -t mangle -p tcp -s $IP_ADDRESS --dport
81:65535 -j MARK --set-mark 10

iptables -A PREROUTING -i eth2 -t mangle -p tcp -s $IP_ADDRESS --dport 80 -j
MARK --set-mark 11

Please tell me if this is correct,

Regards,

Edo

Andreas Klauer

2005-Jul-06 18:26 UTC

head link

Re: Mark all traffic except browsing

On Wednesday 06 July 2005 18:31, Eduardo Bejar wrote:> Should I use three rules for my purpose?
Two should suffice; just set all packets from $IP_ADDRESS to 10 first and 
afterwards set all packets for port 80 to 11. I think this only makes 
sense if you have two classes per source IP, though, because otherwise you 
could just use one tc filter rule to put port 80 packets into one class 
and let the rest go into the default class.

HTH
Andreas

Seemingly Similar Threads

Search for more apparently analagous threads

LARTC - Jul 2005 - Mark all traffic except browsing

Mark all traffic except browsing

Re: Mark all traffic except browsing

Seemingly Similar Threads