[Openswan Users] Re: [LARTC] OpenSwan traffic shaping with HTB &
sfq
Abdul-Wahid Paterson
abdulwahid at gmail.com
Sat May 7 01:25:42 CEST 2005
Hi,
On 5/6/05, lee huughes <toxicnaan at gmail.com> wrote:
> on 2.6 kernel's using KAME, there in no concept of extra 'ipsecX'
> interfaces, what are you supposed to do then? I presume you treat it
> as you would any other traffic? the ipsec tunnel should be
> transparent!?
>
> correct me if I'm wrong
What I do is MARK the packets in PREROUTING and then the firewall mark
stays with the packet even once it is encrypted. You can then queue it
as needed either using CLASSIFY in the POSTROUTING or using tc to
filter it.
Regards.
Abdul-Wahid
More information about the Users
mailing list