Hi,

I'm implementing a script to do traffic shaping and here are my rules:

tc qdisc add dev eth0 root handle 1:0 htb
tc class add dev eth0 parent 1:0 classid 1:1 htb rate 2kbit ceil 2kbit
tc class add dev eth0 parent 1:0 classid 1:2 htb rate 500kbit ceil 500kbit

tc qdisc add dev eth0 parent 1:1 sfq perturb 10
tc qdisc add dev eth0 parent 1:2 sfq perturb 10

tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle 256 fw flowid 1:1
tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle 1536 fw flowid 1:2

and for the purpose of testing, I did some testing rules on iptables as follows:

iptables -t mangle -N internet_256
iptables -A PREROUTING -t mangle -m mac --mac-source XX-XX-XX-XX-XX-XX -j internet_256
iptables -t mangle -A internet_256 -j MARK --set-mark 256
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

Like when a client has the above mac address it'll be redirected to the internet_256 rules and then will be marked with 256. I'm not sure why its not working properly. Any advise?

Thanks in advance.

On the iptables MARK, try using hexadecimal - so --set-mark 0x100 (for 256 in tc) and give that a try. I seem to remember having is problem in the past and just checking my scripts source, this is how I resolved the issue.

Thanks in a word

Thank you, but it didn't work.
This should work in case I add the following line:
iptables -t mangle -A PREROUTING -j MARK --set-mark 0x100

Which is not what I want, I only want certian mac address to be included into this, if I do the following:
iptables -t mangle -A PREROUTING -m mac --mac-source XX:XX:XX:XX -j MARK --set-mark 0x100

Also I doesn't work.
From searching around I found that you have something like the following:
tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match u16 0x0800 0xffff at -2 match u16 0x4E83 0xffff at -4 match u32 0x0800271C 0xffffffff at -8 flowid 1:1

but also didn't work. I'm not sure what I'm missing,
Any ideas? any suggestions?

Regards,