Alohá
LeVA wrote:
>
> Hi!
>
> I have this setup now:
>
[...]
> Now the 128kbit/sec restriction doesn't apply to the internet uploads (which
> are marked with iptables, because these are going thru the router), but the
> LAN uploads are at full speed. What am I doing wrong?
Sorry, that was my mistake, but since the final destination of the
packets is the internet and not the router itself, with this setup for
the MARK target You shape only the traffic with the endpoint router ~:-/
So for Your situation You want to do something inverse, like
iptables -t mangle -A PREROUTING -d ! <network LAN, i.e. 192.168.1.0/24>
-j MARK --set-mark 1
which marks all packets who's destination is *not* the LAN.
sorry about the screwup
best regards
Martin
P.S.: Is that a p2p-client are You trying to shape btw? There's also a
good IP blacklist generator at http://www.bluetack.co.uk but be careful,
those lists easily get huge and take forever to load ;-)
--
To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
No comments:
Post a Comment