Displaying 20 results from an estimated 20000 matches similar to: "fwmark(ing) in OUTPUT; has anyone had success?"
2003 Sep 18
0
hexadecimal fwmark and fwmark mask
Hi list,
I''m new to this list, I just subscribed because I have some ackward
about IPRoute2.
First, while playing with NetFilter'' "MARK" target, I met a weird
behaviour once I tried to use this marks in the RPDB : the packets
where successfully marked, but it seemed that RPDB didn''t succed in
matching them (for those who already know the answer, I only used
2006 Nov 02
0
src routing and fwmark
Hi,
I''ve got 2 lines from two diffrent ISP''s, one is a leased line and another a
DSL line,
I route certain ips over the DSL line for faster access and would like
email to go over the leased line as it has a static ip and is our sending
mailserver ip
I would like to send mail to the same ips that is routed over DSL via the
leased line, otherwise my server gets blacklisted with
2003 Mar 04
2
Routing based on fwmark
I''m having trouble routing on high fwmarks, I want to use a lot of
different marks for 2 routes so that I can QoS based on the marks
ip rule looks like this:
0: from all lookup local
32751: from all fwmark 31 lookup dslout
32752: from all fwmark 30 lookup dslout
32753: from all fwmark 29 lookup dslout
32754: from all fwmark 28 lookup dslout
32755: from
2002 Aug 15
0
conditional routing based on tos/fwmark not working with ipsec
Hello all,
I am working with kernel 2.2.20 with the necessary options configured into
the kernel to support all of the wonderfully fancy routing features:
- routing based on ToS
- routing based on fwmark
- multiple routing tables
This same kernel is in use elsewhere, and is routing based on fwmark with
success. This leads me to believe that my kernel is OK and that I have
another
2006 Mar 31
0
rule fwmark desn''t work for local packets (output chain)
Witam wszystkich
After few days with yours help I''ve succeeded with setup of load-balancing.
Now I have problem with next step. I want to mark some packets and than put
them to the one of the routing tables to force them going via only one
interface with only one ip. Easy?? Ofcourse, but not for me :(.
I''m NOT using NAT.
Chain OUTPUT (policy ACCEPT 71 packets, 24227
2003 Jul 29
1
IMQ and fwmark
Hi all,
I want to divide the incoming traffic between what should go to
the firewall and what should be forwarded to the local network
behind it. I started with the IMQ example config, but added an
extra htb class right below "10:1" to get the two sfq''s to borrow
each other''s bandwidth.
However, I can''t figure out how to set the two marks. According to
this
2004 Oct 15
0
iproute with fwmark
Hi,
not sure if it will work, i''ve 2 leased lines, behind line 1 is a webserver,
this
server should answer all incomming http requests through leased line 1, the
webserver
self parses other webserver, this outbound traffic should go over leased
line 2.
i''ve successfully added fwmark with iproute, but if i set the policy for the
webserver to
use leased line 2 (for parsing other
2002 Aug 25
0
could iproute2 set fwmark?
How feasible would it be to have iproute2 set fwmark, the mark normally
set by ipchains/iptables? This would help iptables (postrouting) identify
the intended route for a packet.
Nic Ivy
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
2004 Aug 12
2
Hashing table based on FWMARK
We currently use iptables, matching packets based on IP address and marking
them with an ID. Multiple IP addresses can be marked with the same ID. We
then filter based on the ID. We have close to 2000 filters now and I''m
looking into hashing tables. Is there any way to create a hashing filter
based on the fwmark?
Paul C. Diem
PCDiem@FoxValley.net
2005 Nov 29
0
fwmark port - dual adsl line
Hi all,
Below is my network diagram: -
eth0 (adsl 1) eth1 (adsl 2)
| |
| |
| |
| |
-----------------
| |
| Gateway |
| |
-----------------
|
|
|
tun0
Below is my iptables scripting to mark certain ports:
-
2005 Nov 15
3
can I use tos and fwmark at the same time?
Hello lartc maintainers and users!
I have a router with two NICs. One NIC is connected to the Internet and the other to my internal LAN. I made a script for priorizing interactive traffic. The script matches TOS Minimize-Delay for priorizing interactive trafic, and fwmark for metropolitan packets.
I have two root classes (simulating two circuits) : 1:1 for internet and 1:3 for metropolitan.
2006 Mar 28
1
Please help - totally confused (NAT + FWMARK + IMQ + HTB)
Hello,
I''m trying to get my shaper to work, but have only a partial success.
Can someone help me with that. My setup unfortunately is not so trivial,
but I think some people could have similar one...
1. There is a router connected to the internet line via interface eth0
2. There are users connected to the router via two interfaces : eth1 and
wlan0
3. All users are assigned private IP
2004 Jan 07
0
Match packet mark with --set-mark to ip rule fwmark
Hi,
Here I am trying something simple.
My objective is to make ip rule fwmark command work :)
Network Diagram:
--- 192.168.250.197 (eth0) Linux Box (eth1) 192.168.8.88 -------------192.168.8.122 (eth0) Windows XP Client
Configuration done on Linux Box:-
(1) [root@g webauth]# iptables -t mangle -A PREROUTING -j MARK --set-mark 5
[root@g webauth]# iptables -t mangle -L
Chain PREROUTING (policy
2003 Mar 15
0
[Bug 63] New: fwmark loopback routing issue
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=63
Summary: fwmark loopback routing issue
Product: netfilter/iptables
Version: linux-2.4.x
Platform: i386
OS/Version: RedHat Linux
Status: NEW
Severity: normal
Priority: P2
Component: ip_tables (kernel)
AssignedTo:
2006 Feb 06
0
ip rule, fwmark, mangle and src IP
I made a script to test if in a moultiple gateway setup all default
connection are up, regardless of the fact that that gateway is the default
gw.
Suppose adsl1 and adsl2 are present, and all traffic goes by default to
adsl1, and you want to test if adsl2 is ok.
1. I use mangles from iptables to mark icmp packets to some test machines
2. I set up a routing table for each adsl
3. I use
2005 Jan 06
0
iproute with iptables/mangle
Hi List,
i have a realy strange problem with no solution yet,
i''m using iproute together with the iptables mangle option, in a dmz network
is
a cisco pix present with another inet link behind, therefore i''m using the
mangle option to split traffic on a protocol base like:
iptables -A PREROUTING -t mangle -i eth1 -s 192.168.1.5 -p tcp --dport 80 -j
MARK --set-mark 3
and add the
2005 Feb 15
0
Help with bandwith control in a firewall/bridge machine
Hello again,
First, excuse me for my poor english.
I''m trying now to make bandwith control in a firewall machine running
Shorewall. This machine is also a bridge using bridge-utils
bridge-utils-devel. It is a mandrake 10. The configuration is something like
this:
FTP/Webserver ------| eth0 eth1
Mailserver
2004 Aug 17
0
TCP load balance
Hello, LARTC mailing readers, I hope u can help with this mysterious
issue
i''m having with my linux box acting as a router.
Scenario:
Linux running 2.6.8.1 /w julians patches
Latest iproute (iproute2-ss040702)
4 NICS
-----------------
|
x eth0 (63.43.x.x) network mask (255.255.240.0)
|
|
x eth1 (63.43.x.x)
2004 Aug 18
0
outgoing TCP load balance
Hello, LARTC mailing readers, I hope u can help with this mysterious
issue
i''m having with my linux box acting as a router.
Scenario:
Linux running 2.6.8.1 /w julians patches /w support for multipath routing
Latest iproute (iproute2-ss040702)
4 NICS
-----------------
|
x eth0 (63.43.x.x) network mask (255.255.240.0)
|
|
2004 Jul 26
1
iptables marking problems and ip route not working
Hello,
I''m trying to configure a machine to send mail traffic out on eth0 and web
traffic, via Squid, out of eth1, with the default gw on the eth0 interface.
After spending most of the day of trying this and that and reading docs until
my eye hurts, I have had zero luck making anything work expect for standard
routing.
The Advance Routing Howto makes it seams easy to do this, but I fear