cooperation between connection tracking and traffic shaping

Yakov Lerner iler.ml at gmail.com
Thu Nov 2 21:02:15 CET 2006


On 11/1/06, Eric Leblond <eric at inl.fr> wrote:
> Hi,
>
> Le mercredi 01 novembre 2006 à 11:21 +0100, Filip Sneppe a écrit :
> > Hi Yakov,
> >
> > On 11/1/06, Yakov Lerner <iler.ml at gmail.com> wrote:
> > > It worked. But I think it was ugly because:
> > >     (2) maybe there is a much easier way to achieve this
> > > qos-to-conntrack cooperation [than hacking conntrack modules] ?
> > >
> > Yes, the general way to do this, is to use the MARK target from
> > netfilter to mark the packets you want to QoS and then use the fwmark
> > from within your tc rules.
> >
> > That works without hacking any code. Note that the fwmarks can also
> > be used between netfilter and the advanced routing framework in the
> > Linux kernel (ip route, ip rule, etc.)
>
> Yes, but you have to use CONNMARK on top of that

And what's the solution for 2.4 ?

> to be able to put the
> mark on all packets of a connections. It also works with RELATED
> packets. This will be useful with SIP ...

Yakov



More information about the netfilter mailing list