> anorther thing..this rule just filter the initial download request..that
> would be okay if oyu want filter completely, but if you want to slwo
> down (i mean using tc/htb/fwmarks) you wouldnt be matching the hole
> download, only the request...
>
>iptables -t mangle -A PREROUTING -p tcp -m --str
>then you need to use NF_IP_PRI_FILTER < x < NF_IP_PRI_NAT_SRC,
>for example NF_IP_PRI_FILTER + 1 or NF_IP_PRI_NAT_SRC - 1.
>look into include/linux/netfilter_ipv4.h for a list of pre-defined values.
>
>Patrick
thanks for your help, i only wonder if NF_IP_PRI_MANGLE+1 would be
sufficient, since th
x27;d like to use imq to shape traffic before SNAT changes source, and after filter
rules applies)
Regards
mikee
__
ignore ads below this line
Serwis www.logo.hoga.pl - sciÄ…gaj bajery na telefony
Nokia, Siemens, Alcatel, Ericsson, Motorola,Sa
3 different IP),
so nth packet marking isn't enough - all outgoing packets belonging to connection
must be sent through same link to have uniform "external" ip
regards,
mikee
__
ignore ads below this line
-
zr
's problem with connmark's mark - it doesn't work
with mark-based routing, but MARK module works so
packets can be marked with CONNMARK and then with MARK
so thar routing works)
mikee
__
ignore ads below this line
--
