[LARTC] Packet marking for ingress shapping and NET

[Patrick Spousta]

Hi

Andy Furniss wrote:

>> Does exists solution how to NAT and MARK in PREROUTING, but in this 
>> order?
>>
> 
> If you really need to shape for local and forwarded on ingress then you 
> use IMQ + the IMQ NAT patch and use u32 to filter on dst IP (if you are 
> masquerading a dynamic IP mark LAN traffic and use default for local).

It sounds good, but can you be more conrete?

> 
> If the traffic to local is not "bulk" ie just dns or ntp etc. then it 

Sometimes it is 'bulk' - FTP etc.

> would be less trouble to ignore it and just shape on your LAN facing 

Sorry, I forgot write that I have 3 LAN interfaces, so IMQ is only way 
how to do it.

Thanks
Patrick

> interface marking on dst in postrouting or using u32 on dst - both 
> should work, you may want to exclude traffic from server to LAN.
> 
> Andy.
>