<html><head><meta name="Generator" content="PocoMail 3 HTML/CSS Generator"/>
<style type="text/css"><!--
p{display:block;font-family:"Tahoma";font-size:10pt;color:navy;margin:0.00in;text-align:left;}
LI{display:list-item;font-family:"Tahoma";font-size:0pt;color:black;margin-top:0.00in;margin-bottom:0.00in;text-align:left;}
td{display:block;font-family:"Tahoma";font-size:0pt;color:black;margin-left:0.00in;margin-right:0.00in;text-align:left;}
body{}
--></style>
</head><BODY BGCOLOR="#F0F0F0"><p><SPAN style="font-family:'Tahoma';">thanks for that - i confused myself trying to figure out which was which ;o</SPAN></p>
<p> </p>
<p><SPAN style="font-family:'Tahoma';">Jeff</SPAN></p>
<p> </p>
<p> </p>
<p><SPAN style="font-family:'Tahoma';">On Fri, 16 Apr 2004 16:45:13 -0400, Jason Staudenmayer wrote:<br/></SPAN><SPAN style="font-family:'Tahoma';">> it would be the destination.</SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">></SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">></SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">> -----Original Message-----</SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">> From: Jeff [<a href="mailto:jeff@virgin.net]">mailto:jeff@virgin.net]</a></SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">> Sent: Friday, April 16, 2004 4:31 PM</SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">> To: redhat-list@redhat.com</SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">> Subject: iptables confusion</SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">></SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">></SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">> Hi All,</SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">></SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">></SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">> Quick question regarding iptables - I have traffic shaping set up</SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">> and need to change the rules below. I need to give people accessing</SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">> my website a LOWER priority than me accessing external sites. I.E -</SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">> requests coming into this box on port 80 need a lower priority than</SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">> my outbound requests on port 80.</SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">></SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">></SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">> I know i need to change one of the following lines but not sure how</SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">> iptables works out source and destination ports.</SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">></SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">></SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">> Current ruleset gives ALL http traffic a high priority...</SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">></SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">></SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">> iptables -t mangle -A POSTROUTING -p tcp -m tcp --dport 80 -j MARK -</SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">> -set-mark 0x5</SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">></SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">></SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">> iptables -t mangle -A POSTROUTING -p tcp -m tcp --sport 80 -j MARK -</SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">> -set-mark 0x5</SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">></SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">></SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">> which line needs changing?</SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">></SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">></SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">> Thanks</SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">></SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">></SPAN><SPAN style="font-family:'Tahoma';"><br/></SPAN><SPAN style="font-family:'Tahoma';">> Jeff</SPAN><SPAN style="font-family:'Tahoma';"><br/><br/><br/></SPAN></p>
</body></html>