Hy, I would want to mark the packets that are entering in a machine, with a mark for using diffserv with DSMARK. My machine has 2 interfaces, a ethernet and a wireless. The ethernet interface is eth1 and the other is wifi0. Firs, I would want to test that I would be able to mark the tos of the paquets that I would be receiving, for this I write in the console of my linux: iptables -A PREROUTING -i eth1 -t mangle -p udp -j TOS --set-tos 0x20 But the TOS doesn''t change (I see this with ethereal) Waht could be the problem? I''ve tried the same with the MARK option: iptables -A PREROUTING -i eth1 -t mangle -p udp -j MARK --set-mark 0x20 and a DSMARK. Regards. -- Sandra Salmerón Ntutumu <makevuy@ehas.org> Tlf. Analog: +34 914888405 / Móvil: 653574298 Tlf. IP desde FWD: 656212. Ext: 10 / Tel. IP desde EHAS: 010010 Fundación EHAS: Enlace Hispanoamericano de Salud - www.ehas.org Telemedicina rural para zonas aisladas de países en desarrollo
On 28-07-2006 14:43, makevuy wrote:> Hy, > > I would want to mark the packets that are entering in a machine, with a > mark for using diffserv with DSMARK. > > My machine has 2 interfaces, a ethernet and a wireless. The ethernet > interface is eth1 and the other is wifi0. > > Firs, I would want to test that I would be able to mark the tos of the > paquets that I would be receiving, for this I write in the console of my > linux: > > > iptables -A PREROUTING -i eth1 -t mangle -p udp -j TOS --set-tos 0x20 > > But the TOS doesn''t change (I see this with ethereal) > > Waht could be the problem?If I can remember, TOS is inserted for real some time later, so try to investigate on forward or postrouting. Jarek P.
On 28-07-2006 15:57, Jarek Poplawski wrote:> On 28-07-2006 14:43, makevuy wrote: >> Hy, >> >> I would want to mark the packets that are entering in a machine, with >> a mark for using diffserv with DSMARK. >> >> My machine has 2 interfaces, a ethernet and a wireless. The ethernet >> interface is eth1 and the other is wifi0. >> >> Firs, I would want to test that I would be able to mark the tos of the >> paquets that I would be receiving, for this I write in the console of >> my linux: >> >> >> iptables -A PREROUTING -i eth1 -t mangle -p udp -j TOS --set-tos 0x20 >> >> But the TOS doesn''t change (I see this with ethereal) >> >> Waht could be the problem? > > If I can remember, TOS is inserted for real some time later, so try to > investigate on forward or postrouting.After short weekend testing my memory turned out to be faulty again - it can remember only every second bit (because it''s old!). Iptables -j TOS and -j DSCP should change a tos field of ip headers at once (this could be seen with -j LOG everywhere after this setting). This field can influent the way a packet is classified by some qdisc like prio, but not directly - inner priority field is taken for this. And this priority is computed from tos only in forward. So probably ethereal showed packets before changes or you have some problem with iptables. Jarek P.