/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */ Hi Folks, I'm using a 2.4.x kernel and TC from the iproute2 package so that I can limit traffic through my gateway. I'm using this to mark packets when they leave the LAN: /sbin/ipchains -A forward -j MASQ -i eth0 -s 192.168.1.0/24 -d 0.0.0.0/0 -m 1 When the packets return, I need to have them marked again so that the ingress filter will limit the bandwidth in the opposite direction. The only way I have found to do this, is to mark EVERY packet like this: /sbin/ipchains -A input -i eth0 -s 0.0.0.0/0 -d 12.10.109.52/32 -m 1 This works, but what I would really like to do, is mark the 192.168.1.0/24 packets instead (after they have been "un-masq'ed", so that I can limit bandwidth on each interface in the gateway box. Is this possible? Thanks, Barton _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
