[LARTC] How can I do traffic shapping for passive ftp ?
Sébastien CRAMATTE
s.cramatte at wanadoo.fr
Tue Jan 9 10:41:32 CET 2007
Kajetan Staszkiewicz a écrit :
> Dnia poniedziałek, 8 stycznia 2007 21:25, Sébastien CRAMATTE napisał(a):
>
>
>> Hello
>>
>> I've setuped a bridge with iptables + layer + ipp2p + tc
>> I don't know how to shape passive ftp ?
>>
>> If I put rules on port 20, 21 or using layer 7 iptables accounting
>> still empty ...
>> When I done a tcpdump I can see that othe port than 20 or 21 are used ...
>>
>
> Use ip_nat_ftp and ip_conntrack_ftp modules. Then mark ftp traffic with helper
> match.
>
> example:
> iptables -t mangle -A FORWARD -m helper --helper ftp -j MARK --set-mark 0x03
>
>
>
I haven't specifiy that I don't use NAT. I use this QoS manager for a
very small ISP and I can't control ftp server
Upgrading Layer7 protocols seems thas is ok ...
Regards
More information about the LARTC
mailing list