[LARTC] Packet marking for ingress shapping and NET
Patrick Spousta
spousta@brn.czn.cz
Mon, 10 May 2004 12:10:48 +0200
Hi,
I have typical situation, local LAN with private addresses, translated
via NAT to internet. I need to shape ingress traffic (from internet to
local LAN) in several HTB queues accorting to destination (private not
public) IP. So I need mark packets to divide them to corresponding
queue. According to http://www.docum.org/stef.coene/qos/kptd/ I thing I
have only one way how to do it, because MARK in PREROUTING is before (de)NAT
PREROUTING (de)NAT
V
FORWARD marking
V
FORWARD put to IMQ
V
HTB shapping
V
routing decision
V
output interface
It has a small problem. After PREROUTING some packets are routed to
INPUT (packets intended for this machine for local processes)
Does exists solution how to NAT and MARK in PREROUTING, but in this order?
Patrick