On Tue, Apr 24, 2007 at 06:13:37AM -0300, Alexandre J. Correa - Onda Internet wrote: > You can use STRING + CONSAVE modules !! > > mark packets... > > because string match only "starter packet" ... the others packets from > the same connection isnĀ“t marked.. consave can track this.. > > -j CONNMARK --restore-mark > -m string --string 'string' --algo bm -j MARK --set-mark 1 > -m string --string 'string2' --algo bm -j MARK --set-mark 2 > -m mark --mark 1 -j CONNMARK --save-mark > -m mark --mark 2 -j CONNMARK --save-mark
I haven't fully tested the shaping setup, but it appears to be classifying packets correctly. One limitation is that it can't cope with SSL; fortunately that's not a current requirement for us, but I probably will need to find a solution for that at some point. Anyway, thanks again. _______________________________________________ LARTC mailing list [email protected] http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
