Nfqwf configuration
karlhiramoto edited this page Jun 30, 2011 · 3 revisions
Sample single-host config. It assumes nfqwf runs on a single host and filters all traffic, with that host acting as a client:
```bash
#!/bin/bash
IPT=iptables

# The following rules clear out any existing firewall rules
# and any chains that might have been created, just to make debugging easy.
$IPT -F
$IPT -F INPUT
$IPT -F OUTPUT
$IPT -F FORWARD
$IPT -F -t mangle
$IPT -F -t nat
$IPT -X

# Set up queues so traffic goes to nfqwf.
$IPT -t mangle -A INPUT -i eth0 -p tcp --sport 80 -j NFQUEUE --queue-balance 1:10
$IPT -t mangle -A OUTPUT -o eth0 -p tcp --dport 80 -j NFQUEUE --queue-balance 1:10
$IPT -t mangle -A FORWARD -p tcp -m multiport --ports 80 -j NFQUEUE --queue-balance 1:10

# Launch nfqwf with its config, over queues 1 to 10 that we just configured.
nfqw -c /path/to/config.xml -q 1 -Q 10
```
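An added pre-flight check, not part of nfqwf or the original page: without `--queue-bypass`, the kernel drops packets sent to an NFQUEUE number that no process is bound to, so after launching nfqwf it is worth confirming that queues 1 to 10 all have a listener. The function names and the sample table are constructed for illustration; the column layout is that of `/proc/net/netfilter/nfnetlink_queue`.

```bash
#!/bin/bash
# Added example, not nfqwf code. Reads the kernel's table of bound queues:
# col 1 = queue number, col 2 = peer port id of the listener,
# col 6 = packets dropped by the kernel because the queue was full.
NFQ_PROC=/proc/net/netfilter/nfnetlink_queue

# missing_queues FIRST LAST [TABLE]: print queue numbers that have no listener.
missing_queues() {
    _tbl=${3:-$NFQ_PROC}
    [ -r "$_tbl" ] || _tbl=/dev/null   # module not loaded: nothing is bound
    awk -v first="$1" -v last="$2" '
        NF >= 2 { bound[$1 + 0] = 1 }
        END {
            out = ""
            for (q = first; q <= last; q++)
                if (!(q in bound)) { sep = (out == "" ? "" : " "); out = out sep q }
            print out
        }' "$_tbl"
}

# dropping_queues FIRST LAST [TABLE]: print "queue:drops" for queues that overflowed.
dropping_queues() {
    _tbl=${3:-$NFQ_PROC}
    [ -r "$_tbl" ] || _tbl=/dev/null
    awk -v first="$1" -v last="$2" '
        NF >= 6 && $1 >= first && $1 <= last && $6 > 0 {
            sep = (out == "" ? "" : " "); out = out sep ($1 + 0) ":" ($6 + 0)
        }
        END { print out }' "$_tbl"
}

# Constructed sample table: queues 1-8 bound, 9 and 10 unbound, queue 3 overflowing.
sample_table() {
    for q in 1 2 3 4 5 6 7 8; do
        drops=0; [ "$q" -eq 3 ] && drops=17
        printf '%5d %6d %5d %1d %5d %5d %5d %8d %2d\n' \
            "$q" 4321 0 2 65531 "$drops" 0 100 1
    done
}

SAMPLE=$(mktemp)
sample_table > "$SAMPLE"
echo "unbound queues:  $(missing_queues 1 10 "$SAMPLE")"
echo "queues dropping: $(dropping_queues 1 10 "$SAMPLE")"
rm -f "$SAMPLE"
```

On a live host, call `missing_queues 1 10` with no third argument to read the real table; any queue it prints is one where matching port 80 traffic is being dropped.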