On Saturday 08 March 2003 05:07, Martin A. Brown wrote:
> : > What exactly do you mean here? Do you wish to use fwmark as a
> : > selector for traffic control?
> :
> : Not sure if I mean fwmark. However Stef's docs are on my reading
> : list. Basically I will want to simulate different types of firewalls
> : per iprange. Meaning -- the basic firewall config I will allow
> : anything out and only responses into the "network" and on a more evil
> : admin type firewall I would like to block various ports from outbound
> : access.
>
> I think you'll find iptables more than adequate.
>
> For the packet filtering, mangling/marking and NAT (if you need it),
> you'll find iptables more than adequate.
>
> For traffic control, you'll use tc, which is part of the iproute2 package.
> (Note, that the tc with htb support is currently only available via the
> main HTB page, as a patch or binary.)
>
> : Which would be better ipchains or iptables?
>
> iptables if you have a choice.
>
> For iptables help:
>
> http://iptables-tutorial.frozentux.net/
An other reason is that you need kernel 2.4.x for the htb support so you need
iptables. Ipchains is for kernel 2.2.x.
Stef
--
[EMAIL PROTECTED]
"Using Linux as bandwidth manager"
http://www.docum.org/
#lartc @ irc.oftc.net
_______________________________________________
LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
