RE:QoS and HTTP Proxy question

Forums Network Management ZeroShell RE:QoS and HTTP Proxy question

  • This topic is empty.
Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • November 20, 2009 at 3:31 am #42055
    Chen_yuda
    Member

    you change policy
    iptables -t mangle -A OUTPUT -p tcp –sport 80 -j MARK –set-mark 0x11

    outbound

    >
    (1)

    (2)

    (3)
    a.a.a.a

    LAN Zeroshell(b.b.b.b)Wan

    Internet
    <
    inbound

    (5)

    (4)
    (1)a.a.a.a

    http://www.google.com:80
    (2)a.a.a.a

    b.b.b.b:8080
    (3)b.b.b.b

    google:80
    Can use -m layer7 –l7proto (contain include http://)
    (4)google:80

    b.b.b.b
    (5)google:80(Zeroshell Change ip google:80)

    a.a.a.a
    outbound and intbound are differe session
    inbound Can not use -m layer7
    must use -p tcp –sport 80
    WAN output can use -m layer7 (contain include http://)
    LAN output can not -m layer7
    outbound and intbound are differe session
    (contain not include http://)
    must use -p tcp –sport 80

    November 20, 2009 at 10:03 am #49136
    ppalias
    Member

    I don’t understand what your question is, but a mistake that I have found here is that for accessing webpages in the internet instead of 

    --sport 80

    you should use 

    --dport 80
  • Author
    Posts
Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.