[LARTC] incoming traffic + iptable
mohican 542003
thelastmohican54 at gmail.com
Wed Feb 28 15:39:54 CET 2007
Hello,
i try to use iptables to mark packet and then to filter them with tc. Here
is my script:
iptables -t mangle -A PREROUTING -s 172.28.54.41/32 -p tcp -j MARK
--set-mark 1
tc qdisc add dev eth0 handle ffff: ingress
tc filter add dev eth0 parent ffff: protocol ip prio 1 handle 1 fw police
rate 10000kbit burst 10000kbit mtu 1500k drop flowid :1
I can not use u32 because i have several filter with more than one IP
address in each.
Packets seem to be well marked (command: iptables -t mangle -L -vnx)
but packets are not filtered with tc.
Can someone help me ?
Thanks,
Olivier.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ds9a.nl/pipermail/lartc/attachments/20070228/25f9556a/attachment.htm
More information about the LARTC
mailing list