On Mon, Jul 08, 2002 at 09:45:38AM +0300, Daniel Sercaianu wrote: > > The same problem I encountered myself when I try to SNAT some ip's > going through my router. The incoming is shaped ok but the outgoing > doesn't seem to hit my rules. I think when the traffic leaves the outgoing > interface isn't caught in the filter rules because the source address of > the packets is already changed with the address specified in the SNAT > rules or with the address of the outgoing interface if you do masquerade. > To make some shapers, I think you have to shape the ip of the outgoing
Exactly - once tc 'sees' your packets they have everything done to them already. Every translation by then will have finished. > interface, but this only works if you want to shape globally only one > filter rules because there is only one ip of the outgoing interface you can catch it >in > the filter rules. If someone can give any clues how we can solve this > problem please help us. Add fwmarks - they survive the NAT process and tell you where packets came from. The HOWTO details this. Regards, bert -- http://www.PowerDNS.com Versatile DNS Software & Services http://www.tk the dot in .tk http://lartc.org Linux Advanced Routing & Traffic Control HOWTO _______________________________________________ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
