Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
| gnu_linux:iptables:traffic_control [2012/03/21 13:10] – created kolan | gnu_linux:iptables:traffic_control [2012/05/26 13:00] (current) – kolan | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | test | + | ====== Traffic control using Iptables/ |
| + | |||
| + | <code bash | Netfilter rules> | ||
| + | # --- Traffic control --- | ||
| + | iptables -t mangle -F | ||
| + | iptables -t mangle -X | ||
| + | iptables -t mangle -N IN-LAN | ||
| + | iptables -t mangle -N OUT-LAN | ||
| + | iptables -t mangle -N IN-INTERNET | ||
| + | iptables -t mangle -N OUT-INTERNET | ||
| + | iptables -t mangle -I PREROUTING -m mark ! --mark 105 -j IN-INTERNET | ||
| + | iptables -t mangle -I POSTROUTING -m mark ! --mark 105 -j OUT-INTERNET | ||
| + | iptables -t mangle -I PREROUTING -s 192.168.0.0/ | ||
| + | iptables -t mangle -I POSTROUTING -d 192.168.0.0/ | ||
| + | iptables -t mangle -I PREROUTING -s 127.0.0.0/8 -j MARK --set-mark 105 | ||
| + | iptables -t mangle -I POSTROUTING -d 127.0.0.0/8 -j MARK --set-mark 105 | ||
| + | iptables -t mangle -I PREROUTING -s 169.0.0.0/8 -j MARK --set-mark 105 | ||
| + | iptables -t mangle -I POSTROUTING -d 169.0.0.0/8 -j MARK --set-mark 105 | ||
| + | iptables -t mangle -I PREROUTING -s 172.0.0.0/8 -j MARK --set-mark 105 | ||
| + | iptables -t mangle -I POSTROUTING -d 172.0.0.0/8 -j MARK --set-mark 105 | ||
| + | iptables -t mangle -I PREROUTING -s 192.168.0.0/ | ||
| + | iptables -t mangle -I POSTROUTING -d 192.168.0.0/ | ||
| + | iptables -t mangle -A IN-LAN -s 0/0 | ||
| + | iptables -t mangle -A OUT-LAN -d 0/0 | ||
| + | iptables -t mangle -A IN-INTERNET -s 0/0 | ||
| + | iptables -t mangle -A OUT-INTERNET -d 0/ | ||
| + | |||
| + | <code bash | Monitor> | ||
| + | sudo iptables -t mangle -L OUT-INTERNET -v | tail -n1 | sed 's~ *[^ ]\+ *\([^ ]\+\).*~\1~'</ | ||