On 12/22/11 1:04 PM, Tom Eastep wrote:
> On Thu, 2011-12-22 at 17:36 -0200, fabiano stocco2 wrote:
>
>>
>> I have two internet link. The first has 2Mbit the other has 4Mbit ,
>> so I'm riding with a download control which handles input to the
>> network based on the origin of the WAN links, this just right for min
>> control the amount of data traveling on each link. The problem that
>> shorewall can not make this rule below to min:
>>
>> # iptables-t mangle-A FORWARD-i eth1-o ETH3-p tcp - sport 80-j
>> Classify - set-class 3:21
>>
>> The Shorewall is trying to rule as tcpos and not tcfor as expected,
>> does not work with it.
>
> Shorewall currently doesn't allow CLASSIFY rules to be placed in the
> FORWARD chain.
>
Here's a patch.
patch /usr/share/shorewall/Shorewall/Tc.pm < CLASSIFY1.patch
To specify the FORWARD chain (tcfor), follow the classification with
':F'. Example: 3:21:F
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
------------------------------------------------------------------------------
Write once. Port to many.
Get the SDK and tools to simplify cross-platform app development. Create
new or port existing apps to sell to consumers worldwide. Explore the
Intel AppUpSM program developer opportunity. appdeveloper.intel.com/join
http://p.sf.net/sfu/intel-appdev
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
