similar to: Iptables with 3 marks. It is possible?

Hi.... Help me please!!! I am using Linux Redhat as router of the my network. I am to making NAT and firewall. In my iptables script, I need make 3 MARKs for the same packet, as following # It marks the packets that will go for link ADSL (I have 2 links - adsl 2Mb and ''dedicate link'' 256Mb ) # I am using ''ip rule / ip route'' to make this iptables

Hi, with the attached config my gaming ping is still +20ms, even if the line isn''t saturated..can anybody give me a hint how to get a better response time? my line: 1024/128kbit outbound: one htb qdisc for gaming (7kbps) prio 0 ceil 14kbps<- should get more traffic when needed. Htb again for irc and default. inbound: css, irc, p2p, default <- same shema as before, give css

hi all At last i got sucess !.. but am confused y it didnt work earlier..the difference today was that i reinstalled RH7.2 & complied kernel 2.4.16(not 17).. rest was same..... & the bandwidth too is under control!.. is it normal for to get more than said bandwidth--i mean i restricted a network with 8Kbit(with same script as below) but still was able to get a download(ftp) of

http://bugzilla.netfilter.org/show_bug.cgi?id=747 Summary: IPtables marked packets not being inpsected in NAT table. Product: iptables Version: CVS (please indicate timestamp) Platform: All OS/Version: All Status: NEW Severity: major Priority: P3 Component: iptables AssignedTo:

Actually i gave up, i tried and tried and tried so many times, upgrading software falling back to an old version but it didn''t work, that''s it. i can''t do work together tc with iptables and iproute2 when i mark a packet with iptables tc doesn''t recognize them so it falls at the default leaf of the tc''s tree what i like is to mark packets depending on

Dear All, I’m working with Fedora Core 3, kernel 2.9.1, MPLS-for-Linux-4.193, and having some problems when create a HTB queue. ALL packets goes to the default queue, they don’t care about any mark or ip field I use to enqueue them. : -/ That’s the deal, all packets that incoming the interface eth2 are classified and have theirs TOS field changed following some qos policy at the PREROUTING

Hello, I have a LINUX server with two internet connections available. I want all the traffic to go over the default route, but HTTP traffic to go over ISP2 line. Interfaces: eth1 192.168.2.254 - LAN 192.168.2.x ppp0 x.x.x.106 - remote gateway x.x.x.6 - ISP1 (default route) eth0 192.168.164.254 - remote gateway 192.168.164.113 - ISP2 (a hardware router) I have the following configuration: echo

Hi After several days testing and studing howtos and docu again ... I want to limit all tcp trafic with the limit module to say one connection per second except some known trafic. (This is because of using p2p progs gets mi crazy which gets my adsl modem down and I share my net with some users and because of encryption of stream l7 does not work ...) As I understand the limit module does work

Hi, I''m having issues with policing my incoming traffic by matching packet marks made by iptables. I''ve checked as many sites and guides as I can find, and I seem to be doing the exact same thing as they all are, but there''s still no success. As such, I was wondering if anyone can have a quick look to see if I''ve done anything obviously stupid? Essentially, I

I know that I have asked this before of the list. However we just changed ISP and ip's and I'm having this issue again. I have a linux firewall using iptables with the following config eth0 = WAN 1 eth1 = LAN 1 eth2 = WAN 2 I'm trying to forward all traffic that makes a request from eth2 to an internal IP on eth1. These are the folloing rules that I have set up. iptables -t nat -A

Hello! I want to mark all outgoing traffic depending on its service. Example: eth0 = 192.168.0.1 (local interface) ppp0 = 80.10.10.10 (internet 1) ppp1 = 80.10.10.11 (internet 2) http traffic over internet 1 (ppp0) ssh traffic to interface 2 (ppp1). I tried the following (routing and rules are set): iptables -A PREROUTING -t mangle -s 192.168.0.0/24 -p tcp --dport 80 -j MARK --set-mark 1

Hello, I''m trying to configure a machine to send mail traffic out on eth0 and web traffic, via Squid, out of eth1, with the default gw on the eth0 interface. After spending most of the day of trying this and that and reading docs until my eye hurts, I have had zero luck making anything work expect for standard routing. The Advance Routing Howto makes it seams easy to do this, but I fear

Hi, system info: ubuntu 7.04 (Host OS) samba 3.0.24 (installed with apt-get) vmware-server 6.0.1 windows XP (Guest OS) I was using the iptables script provided by iptablesrocks.org. It's been quite useful, but I ran into a problem when I tried to connect samba. Without any iptables rules, I have no problem when connecting host os(ubuntu samba server) from guest os Windows XP. I referenced

https://bugzilla.netfilter.org/show_bug.cgi?id=1370 Bug ID: 1370 Summary: iptables-restore-translate Product: nftables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: normal Priority: P5 Component: nft Assignee: pablo at netfilter.org Reporter:

http://bugzilla.netfilter.org/show_bug.cgi?id=606 Summary: Iptables-restore removing the wrong rules Product: iptables Version: unspecified Platform: All OS/Version: All Status: NEW Severity: normal Priority: P1 Component: iptables-restore AssignedTo: laforge at netfilter.org ReportedBy: me

I have a server whit 2 interfaces of network, where eth0 is the interfaces connetc to internet and eth1 to the internal network. This server hace a Squid only, but i setting the iptables for protection to the server. Iptables run from script and in this script i setting the redirection for the other server in my internal network to port 80 and 443. I follow the diferent how to and many manual, but

Some day ago, a friend post one problem for mi. whist this texts: I have a server whit 2 interfaces of network, where eth0 is the interfaces connetc to internet and eth1 to the internal network. This server hace a Squid only, but i setting the iptables for protection to the server. Iptables run from script and in this script i setting the redirection for the other server in my internal network to

Hi, Currently I´m using the following iptables rule to mark packets in order to shape traffic: iptables -A PREROUTING -i eth2 -t mangle -p tcp -s 192.168.1.50/32 -j MARK --set-mark 50 So my question is, is there a limit in the numbers that can be used as marks? And also, can only numbers be used as marks? How about: iptables -A PREROUTING -i eth2 -t mangle -p tcp -s 192.168.1.50/32 -j MARK

Le 11/03/2018 ? 13:09, Leon Fauster a ?crit?: > It is not a good practice to place domain names into iptables rules. Define > a custom table, place this table into your rule list (to stick at the right > place) and feed that table with the resolved domain names. This can be altered > while running in the case of changes (check resolving results periodically). I admit I've never

http://bugzilla.netfilter.org/show_bug.cgi?id=589 Summary: MARK doesn't work properly with incoming traffic Product: iptables Version: unspecified Platform: i386 OS/Version: Ubuntu Status: NEW Severity: major Priority: P1 Component: iptables AssignedTo: laforge at netfilter.org