All of lore.kernel.org
 help / color / mirror / Atom feed
* [LARTC] which executed first, tc or netfilter
@ 2003-10-11  6:16 zain arrifa'i
  2003-10-11  9:45 ` Stef Coene
  0 siblings, 1 reply; 2+ messages in thread
From: zain arrifa'i @ 2003-10-11  6:16 UTC (permalink / raw)
  To: lartc

I have several local networks connected to internet
via a gateway, acting as SNAT box as well as shaper
box.

in some occasions, I got confused about which one is
executed first inside the kernel; the SNAT rules
postrouting chain, or the tc filter rules that
classify packet for shaping/queueing.

I need to know which source address I should use in
the tc filter rules, the local IP source, or the
public IP that used for SNAT.

I have tried to look at tc -s ..show command result,
or iptables -L result, but I'm not convinced yet.

anybody has nice explanations about that? 

thank you.

__________________________________
Do you Yahoo!?
The New Yahoo! Shopping - with improved product search
http://shopping.yahoo.com
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: [LARTC] which executed first, tc or netfilter
  2003-10-11  6:16 [LARTC] which executed first, tc or netfilter zain arrifa'i
@ 2003-10-11  9:45 ` Stef Coene
  0 siblings, 0 replies; 2+ messages in thread
From: Stef Coene @ 2003-10-11  9:45 UTC (permalink / raw)
  To: lartc

On Saturday 11 October 2003 08:16, zain arrifa'i wrote:
> I have several local networks connected to internet
> via a gateway, acting as SNAT box as well as shaper
> box.
>
> in some occasions, I got confused about which one is
> executed first inside the kernel; the SNAT rules
> postrouting chain, or the tc filter rules that
> classify packet for shaping/queueing.
>
> I need to know which source address I should use in
> the tc filter rules, the local IP source, or the
> public IP that used for SNAT.
>
> I have tried to look at tc -s ..show command result,
> or iptables -L result, but I'm not convinced yet.
>
> anybody has nice explanations about that?
Tc is the last thing that's done with a packet.  So after SNAT and 
postrouting.  
Also see the KPTD (Kernel Packet Traveling Diagram) page at docum.org.

Stef

-- 
stef.coene@docum.org
 "Using Linux as bandwidth manager"
     http://www.docum.org/
     #lartc @ irc.openprojects.net

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2003-10-11  9:45 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2003-10-11  6:16 [LARTC] which executed first, tc or netfilter zain arrifa'i
2003-10-11  9:45 ` Stef Coene

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.