TC没有根据iptables MARK正确分类数据包

我有通过eth0连接到互联网的machineA。 另一方面,MachineB通过网格连接到machineA,并通过machineA连接到互联网。 我想优先考虑来自机器B的stream量。
现在,只要machineB的上传速率在两者竞争带宽的时候就受到限制。 我怀疑问题是用于ifb0的filter,我用它来形成传入的stream量。
该行: tc filter add dev ifb0 parent 1: prio 1 protocol ip handle 1 fw flowid 1:10似乎不工作,所有数据包通过默认stream程,而不是1:10。 我仔细检查了iptables,它正确地标记数据包。
这是我目前的脚本:

 #!/bin/sh -x # Bandwidth of home connection MAX_BW=10 #in Mbits MAX_BW_GUEST=10 MIN_GUEST_BW=1 #minimum guaranteed guest bandwidth in Mbits # Interface facing the Internet EXTDEV=eth0 # Clear old queuing disciplines (qdisc) on the interfaces and the MANGLE table tc qdisc del dev $EXTDEV root 2> /dev/null > /dev/null tc qdisc del dev ifb0 root 2> /dev/null > /dev/null modprobe ifb ip link set dev ifb0 down ip link set dev ifb0 up iptables -t mangle -F # appending "stop" (without quotes) after the name of the script stops here. if [ "$1" = "stop" ] then echo "Traffic shaping stopped." exit fi #Marking packets that are forwarded iptables -A FORWARD -t mangle -j MARK --set-mark 1 # Policing incoming traffic using ingress qdisc tc qdisc add dev eth0 handle ffff: ingress tc filter add dev eth0 parent ffff: protocol ip u32 match u32 0 0 action mirred egress redirect dev ifb0 # HTB classes on IFB and eth0 with rate limiting tc qdisc add dev eth0 root handle 1: htb default 20 tc class add dev eth0 parent 1: classid 1:1 htb rate ${MAX_BW}Mbit burst 15k tc qdisc add dev ifb0 root handle 1: htb default 20 tc class add dev ifb0 parent 1: classid 1:1 htb rate ${MAX_BW}Mbit burst 15k tc class add dev eth0 parent 1:1 classid 1:10 htb prio 0 rate ${MIN_GUEST_BW}Mbit ceil ${MAX_BW_GUEST}Mbit #class 1:10 for guest tc class add dev eth0 parent 1:1 classid 1:20 htb prio 2 rate ${MAX_BW}Mbit ceil ${MAX_BW}Mbit #class 1:20 for home owner tc class add dev ifb0 parent 1:1 classid 1:10 htb prio 0 rate ${MIN_GUEST_BW}Mbit ceil ${MAX_BW_GUEST}Mbit #class 1:10 for guest tc class add dev ifb0 parent 1:1 classid 1:20 htb prio 2 rate ${MAX_BW}Mbit ceil ${MAX_BW}Mbit #class 1:20 for home owner tc qdisc add dev eth0 parent 1:10 handle 10: sfq perturb 10 tc qdisc add dev eth0 parent 1:20 handle 20: sfq perturb 10 tc qdisc add dev ifb0 parent 1:10 handle 10: sfq perturb 10 tc qdisc add dev ifb0 parent 1:20 handle 20: sfq perturb 10 # Packets marked with "1" on either eth0 or ifb0 flow through class 1:10, else class 1:20 tc filter add dev eth0 parent 1: prio 1 protocol ip handle 1 fw flowid 1:10 tc filter add dev ifb0 parent 1: prio 1 protocol ip handle 1 fw flowid 1:10 exit 0