cooperation between connection tracking and traffic shaping

Filip Sneppe filip.sneppe at
Wed Nov 1 11:21:43 CET 2006

Hi Yakov,

On 11/1/06, Yakov Lerner < at> wrote:
> It worked. But I think it was ugly because:
>      (1) I want qos-to-conntrack cooperation for more protocols
> with dynamic ports ... can I have it/do it without hacking every
> conntrack module ?
>     (2) maybe there is a much easier way to achieve this
> qos-to-conntrack cooperation [than hacking conntrack modules] ?
Yes, the general way to do this, is to use the MARK target from
netfilter to mark the packets you want to QoS and then use the fwmark
from within your tc rules.

That works without hacking any code. Note that the fwmarks can also
be used between netfilter and the advanced routing framework in the
Linux kernel (ip route, ip rule, etc.)

Best regards,

More information about the netfilter mailing list