search for: postroute

Hello! My system is: Internet ADSL(PPPoE) ---> ppp0 [LINUX server(router)] eth0 ---> LAN Server(router) is running on LINUX Slackware 8.1. I have recompiled a 2.4.22 kernel, enabled all QoS support in the kernel config, including HTB. My ADSL bandwidth is 256Kbit/s for download and 64Kbit/s for upload. I use the following HTB+IPTABLES configuration, because I want to reduce bandwith for

dear all iam newbie , i have 256 kbits of down link and 64 kbits of up link iam using squid and htb i have got this while browsing the net , there are some few issues i need help while running the script i want browsing to be as fast as possible , uplink especially kaaza should not eat my band width. eth1 got public ip address and eth0 is internal with network 10.0.0.0/24 iam also using nat

Hi! I have read all informations i could find, but some things are still not clear. My setup is: ---INTERNET1(eth0)-\ /- Local net1 (eth2) GW ---INTERNET2(eth1)-/ \- Local net2 (eth3) I have NAT and a working setup using HTB,SFQ, classifying with the iptables -j CLASSIFY way. I shape only the traffic coming from the internet heading to the intranet. I would like

I saw this snippet from Daniel Chemko dchemko@smgtec.com Mon, 31 May 2004 09:30:43 -0700 # Egress marking (mostly for QOS operations) iptables -t mangle -A POSTROUTING -j CONNMARK --restore-mark iptables -t mangle -A POSTROUTING -m mark ! --mark 0 -j ACCEPT iptables -t mangle -A POSTROUTING -o ${if_inet} --dport 21 -j MARK --set-mark 0x111 iptables -t mangle -A POSTROUTING -j CONNMARK

Hi, I'm not sure but I think I suffer under the same problem with a bit different setup with squeeze testing and xen 4.0rc5. In fact I'm using bridges in the dom0 and the connections to the domU get lost sporadically. In don't see where's a solution to the problem... Is it now a bug? When it's an iptables bug, where's the corresponding bug in the iptables bugtracker

Hi, I''ve been implementing a load balancing solution using CONNMARK, based on solution described by Luciano Ruete at [1]. Gracias por el post y por apuntar en la dirección correcta Luciano! Once implemented, I''ve found that due to some reason packets aren''t properly marked (or improperly remarked) and sent out using the wrong interface. My topo setup is:

Dear all, I have running a DOM-0 on debian squeeze with the most recent kernel: Linux 2.6.32-5-xen-amd64 #1 SMP On 30% of all reboots the system hangs and only a reset helps. acpi=off as an additional kernel parameter solves this problem, but the usb keyboard of the installed ip-kvm is not found then. with acpi=off Ican find a lot stuff like: [ 7.098747] uhci_hcd 0000:00:1d.2: UHCI Host

Hi, i''m newbie with traffic control. I create a script based in one from Jason Boxman (thx a lot). the upload flow is prioritized well, but when i download from a site, the down flow vary a lot from 25 KB to 4 KB. Before i use this script the downloads are constant between 22 an 25 KB. Perhaps there''s something wrong in my script ? I paste it, thx.

Hi all, I am running Slackware 10.1 with Kernel 2.6.14.3 includes iptables 1.3.4 with layer 7 My network diagram below: - INTERNET --- LINUX_ROUTER_FW --- PCs Below is my simple iptables script: - echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE iptables -t mangle -A POSTROUTING -m layer7 --l7proto applejuice -j MARK --set-mark 1 iptables -t

Hi, I am trying to categorize the network traffic and to send it out across two different providers. For this I mark the packets in the firewall (in the PREROUTING chain of table mangle), and then use another routing table for the marked packets, which has a different gateway from the main routing table. Basicaly I am following the cookbook example in this page:

i search a lot forum how to get bandwidth statistic such number of packet, total byte in each application protocol by using IPTABLES + netfilter-layer7 but i don''t know which script for getting it in log file and use data after get it for plotting graph later my IPTABLES command like this iptables -t mangle -N all iptables -t mangle -A POSTROUTING -j all iptables -t mangle -A

Problem still not solved, or any idea whats wrong. here are some msgs: device vif1.0 entered promiscuous mode alloc irq_desc for 1246 on node 0 alloc kstat_irqs on node 0 brI: port 2(vif1.0) entering learning state device vif1.1 entered promiscuous mode brE: port 2(vif1.1) entering learning state physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for

Hi all, I'm observing an issue that as soon as libvirt starts, UPD broadcasts going through physical network (and unrelated to any virtualization) get broken. Specifically, windows neighbourhood browsing through samba's nmbd starts suffering badly (Samba is running on this same box). At the moment I'm running a quite outdated version 1.2.9 of libvirt, but other than this issue,

https://bugzilla.netfilter.org/show_bug.cgi?id=1255 Bug ID: 1255 Summary: nftables SNAT is not working Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: critical Priority: P5 Component: kernel Assignee: pablo at netfilter.org

Hi all iam trying to deploy loadbalance and failover My setup description --Fedora Core 4 --Linux 2.6.12.3 #1 SMP Mon Jul 25 22:37:34 IST 2005 i686 i686 i386 GNU/Linux --tc utility, iproute2-ss050314 --ip utility, iproute2-ss050314 --iptables v1.3.0 And i had deployed Following configuration #table main with priority 50, the highest one ip rule add prio 50 table main #table 201 ip rule add

Hi , this probably was asked many times before , but here it goes.. Until now i was using dsl_qos_queue - http://www.sonicspike.net/software/ Which limits outbound traffic and does packet priorites with iptables using MARKed packets.. works very well , I run a ftpserver + webserver so it''s usefull to set these 2 with lowest priority and my multiplayer gaming running on certain UDP ports

I''m a new comer. I have problems using tc+htb. I run the following commands, and expect outgoing ssh flow goes into 1:11. But actually it goes into default 12. What''s wrong? tc qdisc add dev eth0 root handle 1: htb default 12 tc class add dev eth0 parent 1: classid 1:1 htb rate 1000kbit ceil 2000kbit prio 1 tc class add dev eth0 parent 1:1 classid 1:11 htb rate 100kbit ceil

Hello everyone... I have a little trouble and need some help :P How can I check on which interface the packet is going (eth0, eth1; I have two ISP and on eth3 little LAN), using to check it TC and IMQ? (HTB script) I tried to mark packets, but on chain POSTROUTING this does not work... Maybe because packets fall on IMQ before signing. I tried marking it on FORWARD but packets also

Hi guys, Can you take a look at this? :) +-----------+ | | eth1-|- | | -|-eth0---LAN--- | | eth2-|- | | | +-----------+ - eth0 is connected to the LAN having the IP=LAN_IP eth1 is connected to the first ISP having IP=ISP_IP_1 and GW=ISP_GW_1 eth2 is connected to the second ISP having IP=ISP_IP_2 and GW=ISP_GW_2 I need

Hello guys I don''t know if this thing has been posted before (if it was , please forgive me). I have 7 computers at home and I want all of them to have access to the internet. In order to do that , I set up a linux router (2 network cards) as a usual router (eth0 : 82.77.69.75 - internet connection ; eth1 : 192.168.10.1 - local network) . The other computers have ips ranging from