В сообщении от Monday 24 September 2007 15:07:28 yang,fang написал(а):
> Hello,
>
>
>
> I am trying to use iptables together with tc
>
> I need to use IPMARK module of iptables, but I got a strange error after I
> run 'iptables -t mangle -A POSTROUTING -o eth0 -j IPMARK --addr=dst
> --and-mask=0xffff --or-mask=0x1000'
>
> The command is copied from iptables manual itself (of course interface
> changed)
>
> I only got " iptables v1.3.5: Unknown arg `--addr=dst'
>
<skip />
I think, your iptables just does not have IPMARK extension, which was cleaned
from pom tree. You can check it with shell command:
$ ls -l /lib/iptables/ | grep IPMARK || echo no IPMARK found
If you still want to have separate buckets for every destination IP and do not
want to build iptables extension by yourself, you can use tc filter with
hashing.
I have a ip/tc management tool, which can build such solutions with simple
configs like that:
!
egress htb
rate 100Mbit
!
class-factory 10.0.0.0/24
rate 64Kbit
class-factory 10.0.1.0/24
rate 128Kbit
But I wrote no English documentation yet. If there is need for such tool and
there will be anyone to proofread very-bad-English docs, I can try to write
it.
--
Peter V. Saveliev
_______________________________________________
LARTC mailing list
[email protected]
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
