[LARTC] How can I do traffic shapping for passive ftp ?
Kajetan Staszkiewicz
kajtek at biezanow.net
Tue Jan 9 09:14:29 CET 2007
Dnia poniedziałek, 8 stycznia 2007 21:25, Sébastien CRAMATTE napisał(a):
> Hello
>
> I've setuped a bridge with iptables + layer + ipp2p + tc
> I don't know how to shape passive ftp ?
>
> If I put rules on port 20, 21 or using layer 7 iptables accounting
> still empty ...
> When I done a tcpdump I can see that othe port than 20 or 21 are used ...
Use ip_nat_ftp and ip_conntrack_ftp modules. Then mark ftp traffic with helper
match.
example:
iptables -t mangle -A FORWARD -m helper --helper ftp -j MARK --set-mark 0x03
--
| pozdrawiam / greetings | powered by Trustix, Gentoo and FreeBSD |
| Kajetan Staszkiewicz | jabber,email,www: vegeta()tuxpowered net |
| Vegeta | IMQ devnames: http://tuxpowered.net |
`------------------------^------------------------------------------'
More information about the LARTC
mailing list