Wiki Search

Actions

Donate

Flattr this

Translations

You are here: OpenWrt Wiki » Documentation » HOWTOs » Netfilter/Nftables » netfilter.iptables.example3 

iptables -t mangle -A POSTROUTING -o vlan1 -m layer7 --l7proto bittorrent -j MARK --set-mark 3
iptables -t mangle -A PREROUTING -i vlan1 -m layer7 --l7proto bittorrent -j MARK --set-mark 3
 
iptables -t mangle -A POSTROUTING -o vlan1 -m layer7 --l7proto ftp -j MARK --set-mark 3
iptables -t mangle -A PREROUTING -i vlan1 -m layer7 --l7proto ftp -j MARK --set-mark 3
 
iptables -t mangle -A POSTROUTING -o vlan1 -m layer7 --l7proto ssh -j MARK --set-mark 3
iptables -t mangle -A PREROUTING -i vlan1 -m layer7 --l7proto ssh -j MARK --set-mark 3
 
iptables -t mangle -A POSTROUTING -o vlan1 -m layer7 --l7proto pop3 -j MARK --set-mark 3
iptables -t mangle -A PREROUTING -i vlan1 -m layer7 --l7proto pop3 -j MARK --set-mark 3
 
iptables -t mangle -A POSTROUTING -o vlan1 -m layer7 --l7proto smtp -j MARK --set-mark 3
iptables -t mangle -A PREROUTING -i vlan1 -m layer7 --l7proto smtp -j MARK --set-mark 3
 
iptables -t mangle -A POSTROUTING -o vlan1 -m layer7 --l7proto imap -j MARK --set-mark 3
iptables -t mangle -A PREROUTING -i vlan1 -m layer7 --l7proto imap -j MARK --set-mark 3
 
iptables -t mangle -A POSTROUTING -o vlan1 -m layer7 --l7proto directconnect -j MARK --set-mark 3
iptables -t mangle -A PREROUTING -i vlan1 -m layer7 --l7proto directconnect -j MARK --set-mark 3
 
iptables -t mangle -A POSTROUTING -o vlan1 -m layer7 --l7proto http -j MARK --set-mark 3
iptables -t mangle -A PREROUTING -i vlan1 -m layer7 --l7proto http -j MARK --set-mark 3
 
iptables -t mangle -A POSTROUTING -o vlan1 -m layer7 --l7proto rdp -j MARK --set-mark 3
iptables -t mangle -A PREROUTING -i vlan1 -m layer7 --l7proto rdp -j MARK --set-mark 3
 
iptables -t mangle -A POSTROUTING -o vlan1 -m layer7 --l7proto smb -j MARK --set-mark 3
iptables -t mangle -A PREROUTING -i vlan1 -m layer7 --l7proto smb -j MARK --set-mark 3
 
iptables -t mangle -A POSTROUTING -o vlan1 -m layer7 --l7proto ventrilo -j MARK --set-mark 3
iptables -t mangle -A PREROUTING -i vlan1 -m layer7 --l7proto ventrilo -j MARK --set-mark 3
 
#All unmarked
iptables -t mangle -A POSTROUTING -o $WAN -m mark --mark 0 -j MARK --set-mark 100
iptables -t mangle -A PREROUTING -i $WAN -m mark --mark 0 -j MARK --set-mark 101

Back to top

doc/howto/netfilter/netfilter.iptables.example3.txt · Last modified: 2011/08/26 17:28 by orca

Creative Commons License This text is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.