cheeze wrote:I think they're great
However, I don't know what the letters/numbers mean.
majkel wrote:When it will be use in 6.x ?
mknnoc wrote:I am not sure if I understand it correctly. If possible, can you write some explanation under each packet flow diagram?
ekkas wrote:the diagram shows Global HTB in Input chain
It shows it not only in Input chain, but in the Postrouting chain as well.
Any kind of traffic first hits Global HTB, then Simple Tree, and it does it only once.
The packet flow has changed and you will need to adopt to it.
ekkas wrote:There is no mangle opportunity after that to re-mark the packet before Interface HTB(4-)?
ekkas wrote:can a packet carry more than one mark?
normis wrote:The original is in Open Office
Code: Select all
add l2mtu=1590 name=BR_TEST
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m mac-cookie-timeout=3d
/interface bridge filter
add action=mark-packet chain=input in-interface=ether1 new-packet-mark=PACKET_ETH1_UPLOAD
add action=mark-packet chain=output new-packet-mark=PACKET_ETH1_DOWNLOAD out-interface=ether1
/interface bridge port
add bridge=BR_TEST interface=ether1
add bridge=BR_TEST interface=ether3
add bridge=BR_TEST interface=ether4
add bridge=BR_TEST interface=ether5
/interface bridge settings
set allow-fast-path=no use-ip-firewall=yes use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=yes
add address=192.168.88.1/24 comment="default configuration" interface=BR_TEST network=192.168.88.0
add default-route-distance=0 dhcp-options=hostname,clientid disabled=no interface=ether2
/ip dns static
add address=192.168.88.1 name=router
/ip firewall filter
add action=log chain=forward log-prefix=FILTER
/ip firewall mangle
add action=log chain=forward log-prefix=PREROUTING
/ip firewall nat
add action=masquerade chain=srcnat
mleducxit wrote:HI all,
So quickly, I've add a Bridge interface name BR_TEST, with eth1,3,4 and 5, eth2 are my dhcp client into my personal network and I masquerade anything trough this interface.
I've disabled the fast path for the bridge and enabled the IP Firewall options to enter into the ip mangle table and grab somes packets log output, log that I have seen into the LOG window.
I've just realized that the represented interface are the bridge interface BR_TEST and not ether2...
I mean, the traffic are still handled by the physical port, not really, but mabe, the virtual BR_TEST port.
Question #1: It is the chipset who do this?
Always referring the chart, I've add two filter rules into the bridge management and now I can track my interface management.
So I've mark my packets, add it on seperated HTB rules and my download queue dont work...
What I'Ve missing?
noviy wrote:I propose to consider another option