Displaying 20 results from an estimated 10000 matches similar to: "Question regarding iptables marks for HTB"
2006 Feb 11
2
Route all LAN traffic through eth2 and keep web/mail traffic on eth0
Hi,
I have the following config:
1 PC with 3 NICs, that shares internet connection to LAN.
eth0 uses a public IP ($public_ip_1)
eth1 uses a private IP ($private_ip)
eth2 uses a public IP ($public_ip_2)
I have a webserver and a mailserver accessible by $public_ip_1 (eth0)
I have a LAN with all terminals using private IPs, and $private_ip (eth1) as
gateway.
$public_ip_1 and $public_ip_2 are from
2005 Jul 06
1
Mark all traffic except browsing
Hi,
I'd like to create two classes for HTB, one of them to limit traffic for
everything except browsing and the other to limit traffic only for browsing.
How can I mark all traffic except the one related to browsing with iptables?
Currently I mark all traffic related to one IP with:
iptables -A PREROUTING -i eth2 -t mangle -p tcp -s $IP_ADDRESS -j MARK --set-mark 10
Should I use three rules
2005 Jun 22
1
Problem with HTB and IPTABLES
Dear All,
I'm working with Fedora Core 3, kernel 2.9.1, MPLS-for-Linux-4.193, and
having some problems when creating an HTB queue. ALL packets go to the
default queue, they don't care about any mark or ip field I use to enqueue
them. : -/
That's the deal, all packets incoming on the interface eth2 are classified
and have their TOS field changed following some qos policy at the
PREROUTING
2004 Dec 01
0
Iptables with 3 marks. It is possible?
Hi....
Help me please!!!
I am using Linux Redhat as the gateway of my network to the internet. I am doing NAT and firewalling.
In my iptables script, I need to make 3 MARKs for the same packet, as follows
# It marks the packets that will go for link ADSL (I have 2 links - adsl 2Mb and 'dedicate link' 256Mb )
# I am using 'ip rule / ip route' to make this
2005 May 18
4
HTB + IMQ + IPtables marking.
Folks,
I'm so surprised what happened to my box just in the few weeks lately.
Here is my setup:
INTERNET <----------> [eth0] SHAPER-BOX [eth1] <----------> USER-FARM
both eth0 & eth1 got public ips (202.x.x.x)
Why traffic monitored at eth0 is bigger than eth1 ?
eth1 shaped just exactly the same as rate i defined in HTB.
I just have 1024Kbps from my ISP and i defined the
2004 Nov 30
2
iptables & tc - 3 marks
Hi....
Help me please!!!
I am using Linux Redhat as the router of my network. I am doing NAT and firewalling.
In my iptables script, I need to make 3 MARKs for the same packet, as follows
# It marks the packets that will go for link ADSL (I have 2 links - adsl 2Mb and 'dedicate link' 256Mb )
# I am using 'ip rule / ip route' to make this
iptables
2005 Oct 01
2
imq + htb
Hi, i am running imq + htb on my router, the situation is like this
eth0 = uplink to my provider
eth1 = 1st customer
eth2 = 2nd customer
eth3 = 3rd customer
eth0 has limit 512 and i want to share this between eth1 eth2 and eth3,
but not working, this is the script i used,
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
#!/bin/sh
2009 Jul 13
0
Iptables issues again
I know that I have asked this before of the list. However we just changed
ISP and ip's and I'm having this issue again. I have a linux firewall
using iptables with the following config
eth0 = WAN 1
eth1 = LAN 1
eth2 = WAN 2
I'm trying to forward all traffic that makes a request from eth2 to an
internal IP on eth1.
These are the following rules that I have set up.
iptables -t nat -A
2004 May 31
1
skip other iptables marking if packet is already marked
I have many iptables setmark commands, but as soon
as there is one match, I would like to skip all the rest.
How to do this.
-------not-working-not-mark-zero-is-not-accepted---------
iptables -t mangle -A PREROUTING ..... -j MARK --set-mark .....
iptables -t mangle -A PREROUTING -m MARK ! --mark 0 -j ACCEPT
iptables -t mangle -A PREROUTING ..... -j MARK --set-mark .....
iptables -t mangle -A
2004 Dec 27
2
htb and iptables marked packets question
Hi folks,
I have a strange situation. When I add branches to the tree, everything
goes to the default class.
The error might be obvious, but I cannot find it. I would really appreciate
your help.
this works, nothing goes to "1:9999":
#############################################################################
/sbin/iptables -F -t mangle
/sbin/tc qdisc del dev eth1 root >
2011 Sep 06
2
[Bug 747] New: IPtables marked packets not being inpsected in NAT table.
http://bugzilla.netfilter.org/show_bug.cgi?id=747
Summary: IPtables marked packets not being inpsected in NAT
table.
Product: iptables
Version: CVS (please indicate timestamp)
Platform: All
OS/Version: All
Status: NEW
Severity: major
Priority: P3
Component: iptables
AssignedTo:
2002 Jan 09
0
Re: iptables mark & iproute]
hi all
At last i got success !.. but am confused y it didn't work earlier..the
difference today was that i reinstalled RH7.2 & compiled kernel
2.4.16(not 17).. rest was same..... & the bandwidth too is under control!..
is it normal for to get more than said bandwidth--i mean i restricted a
network with 8Kbit(with same script as below) but still was able to get
a download(ftp) of
2006 Feb 04
1
Routing for multiple interfaces (marking ports)
Hello guys,
I am still in doubt about this kind of server. So my question is about
the "prio" at routing tables like:
I have 3 tables in /etc/iproute2/rt_tables:
201 201
202 202
222 222
In table 201 there are the rules about my internet link (frame relay)
that comes into eth0. So I made this route into it:
[root@ns2 iproute2]# ip route show table 201
default via
2007 Feb 14
0
Marking packets with iptables (NEWBIE)
Hi all,
I'm trying to mark packets with iptables and use a tc filter to catch these
packets.
I configure my device:
tc qdisc del root dev eth0
tc qdisc add dev eth0 root handle 1: htb default 10
tc class add dev eth0 parent 1: classid 1:1 htb rate 3000kbit ceil 6000kbit burst 15k
tc class add dev eth0 parent 1:1 classid 1:10 htb rate 2000kbit ceil 4000kbit burst 15k
tc qdisc add dev eth0
2003 Oct 31
0
Policy routing with IPTABLES MARK (please help me)
Hello,
I have a LINUX server with two internet connections available.
I want all the traffic to go over the default route, but HTTP traffic
to go over ISP2 line.
Interfaces:
eth1 192.168.2.254 - LAN 192.168.2.x
ppp0 x.x.x.106 - remote gateway x.x.x.6 - ISP1 (default route)
eth0 192.168.164.254 - remote gateway 192.168.164.113 - ISP2 (a
hardware router)
I have the following configuration:
echo
2006 Jan 07
2
Sharing a DSL between 40 subnets with htb
I have a network with around 40 /24 subnets that shares a common DSL,
this cries out for shaping so here I am trying to make it work as my
first tc project.
I have managed to cargocult some snippets from this list and tried to
come up with a config, but there are a few things that I'd really like
some input on:
1) Are the NAT'ed addresses available in the PREROUTING table
2005 Jun 06
1
iptables bug results in confusion
The current thread on the User's List entitled "Multi-ISP in 2.4.0" includes
the following tcrules file:
##############################################################################
#MARK   SOURCE  DEST    PROTO   PORT(S) CLIENT  USER    TEST
#                                       PORT(S)
201:P eth2 ppp1
2005 Jan 06
0
iproute with iptables/mangle
Hi List,
i have a really strange problem with no solution yet,
i'm using iproute together with the iptables mangle option, in a dmz network is
a cisco pix present with another inet link behind, therefore i'm using the
mangle option to split traffic on a protocol base like:
iptables -A PREROUTING -t mangle -i eth1 -s 192.168.1.5 -p tcp --dport 80 -j MARK --set-mark 3
and add the
2006 Jul 28
2
Problem with iptables with -j TOS and MARK
Hy,
I would want to mark the packets that are entering in a machine, with a
mark for using diffserv with DSMARK.
My machine has 2 interfaces, an ethernet and a wireless. The ethernet
interface is eth1 and the other is wifi0.
First, I would want to test that I would be able to mark the tos of the
packets that I would be receiving, for this I write in the console of my
linux:
iptables -A
2007 Jan 08
0
TC on multiple nics
Happy New Year.
Finally got my fw and tc rules down pat for the bridge, now interested
in introducing a third nic to have nat on the box as well. Does anyone
have an idea of a good place to start reading up on the subject, mainly
interested in how to setup the flow direction to start with as to get an
overall understanding of the flow, found that help best.
Internet --- eth0 --- eth1 ---