Hi all,
Below is my network diagram:

eth0 (adsl 1)   eth1 (adsl 2)
      |               |
      |               |
      |               |
      |               |
    ---------------------
    |                   |
    |      Gateway      |
    |                   |
    ---------------------
              |
              |
              |
            tun0

Below is my iptables scripting to mark certain ports:

# eMule
$IPTABLES -t mangle -A PREROUTING -i tun0 -p tcp -m multiport --destination-ports 4242,4661,4662,4663,4711 -j MARK --set-mark 11
$IPTABLES -t mangle -A PREROUTING -i tun0 -p udp -m multiport --destination-ports 4672 -j MARK --set-mark 11
# BitTorrent
$IPTABLES -t mangle -A PREROUTING -i tun0 -p tcp --dport 6881:6889 -j MARK --set-mark 12
$IPTABLES -t mangle -A PREROUTING -i tun0 -p tcp --dport 6969 -j MARK --set-mark 12
# DirectConnect
$IPTABLES -t mangle -A PREROUTING -i tun0 -p tcp -m multiport --destination-ports 411,1412,20000 -j MARK --set-mark 13
# Kazaa
$IPTABLES -t mangle -A PREROUTING -i tun0 -p tcp -m multiport --destination-ports 1214,6699 -j MARK --set-mark 14
$IPTABLES -t mangle -A PREROUTING -i tun0 -p udp --dport 1214 -j MARK --set-mark 14
# Gnutella
$IPTABLES -t mangle -A PREROUTING -i tun0 -p tcp -m multiport --destination-ports 6346,6347 -j MARK --set-mark 15
$IPTABLES -t mangle -A PREROUTING -i tun0 -p udp -m multiport --destination-ports 6346,6347 -j MARK --set-mark 15

Below is the iproute scripting:

#
ip rule add fwmark 11 table p2p_01
ip rule add fwmark 12 table p2p_02
ip rule add fwmark 13 table p2p_03
ip rule add fwmark 14 table p2p_04
ip rule add fwmark 15 table p2p_05
#
ip route add default via 192.168.3.1 dev eth0 table p2p_01
ip route add default via 192.168.3.1 dev eth0 table p2p_02
ip route add default via 192.168.3.1 dev eth0 table p2p_03
ip route add default via 192.168.3.1 dev eth0 table p2p_04
ip route add default via 192.168.3.1 dev eth0 table p2p_05

Can I mark the same number for different ports? Like the
rule for "eMule"?

Regards,
rootlinux