cooperation between connection tracking and traffic shaping
Eric Leblond
eric at inl.fr
Wed Nov 1 11:45:18 CET 2006
Hi,
Le mercredi 01 novembre 2006 à 11:21 +0100, Filip Sneppe a écrit :
> Hi Yakov,
>
> On 11/1/06, Yakov Lerner <iler.ml at gmail.com> wrote:
> > It worked. But I think it was ugly because:
> > (2) maybe there is a much easier way to achieve this
> > qos-to-conntrack cooperation [than hacking conntrack modules] ?
> >
> Yes, the general way to do this, is to use the MARK target from
> netfilter to mark the packets you want to QoS and then use the fwmark
> from within your tc rules.
>
> That works without hacking any code. Note that the fwmarks can also
> be used between netfilter and the advanced routing framework in the
> Linux kernel (ip route, ip rule, etc.)
Yes, but you have to use CONNMARK on top of that to be able to put the
mark on all packets of a connections. It also works with RELATED
packets. This will be useful with SIP ...
BR,
--
Eric Leblond <eric at inl.fr>
INL
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Ceci est une partie de message
=?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
Url : /pipermail/netfilter/attachments/20061101/c82517de/attachment.pgp
More information about the netfilter
mailing list