Hi! I'm trying to set up traffic shaping on my firewall. The firewall is also serving as a ftp-server and is connected to my provider through a DSL-Link (dynamic ip), 768k down- and 128k upstream. What I want to do is: Split my (upstream) link in two classes using tc, one with 128k, one with 0k. Mark packets orginating from my ftp-server with some value and install an tc filter forcing all ftp-traffic to go through the 0k link, so downloads will never take away bandwidth I need for myself, but be able to borrow unused bandwidth. My first thought was to use the source-ports for markink, but locally generated packets of course use the same ports as passive ftp. Second try: use the connection tracking and state modules and mark packets matching --state RELATED. I tried marking them in the OUTPUT chain of the mangle table, which worked, but only marked the first packet of a connection. Has anyone got some suggestions? Thanks, Patrick McHardy - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
