All of lore.kernel.org
 help / color / mirror / Atom feed
From: Piotr Chytla <pch@packetconsulting.pl>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] u32 and iptables do not work together
Date: Sat, 08 Apr 2006 10:03:10 +0000	[thread overview]
Message-ID: <20060408100310.GA30546@packetconsulting.pl> (raw)
In-Reply-To: <4436AEB8.1070300@cnett.com.br>

On Fri, Apr 07, 2006 at 03:26:00PM -0300, Nataniel Klug wrote:
>    Hello all,
>
Hello
 
>    I am trying to make a filter into my QoS rules and I founded that 
> when I try to use filters u32 and with fwmark they do not work together. 
> This is the filter I use, just and example, for u32:
> 
> $TC filter add dev $DL parent 1:0 protocol ip prio 1 u32 match ip sport 
> 22 0xffff flowid 1:10
> 
>    This is working fine. Now if I try to mark a package that I want it 
> to go to the same class (1:10) it get an error:
> 
> $IPT -t mangle -A PREROUTING -s 200.163.208.4 -j MARK --set-mark 10
> 
>    Then I tryed to make the filter for this:
> 
> $TC filter add dev $DL parent 1:0 protocol ip prio 1 handle 10 fw 
> classid 1:10
>
In 2.4.x kernerls u32 and fwmark can't work together , you can only 
mark by u32 or fwmark . In 2.6.x kernela I think from 2.6.8 or
something, you can use fwmark as u32 key 

In menuconfig check Networking/Networking support/Networking options/
and you have "Use nfmark as a key in U32 classifier".

Example :

 tc filter add dev eth0 protocol ip parent 1:0 prio 5 u32 \
         match mark 0x0090 0xffff \
         match ip dst 4.4.4.4 \
         flowid 1:90            

/pch
 
-- 
Dyslexia bug unpatched since 1977 ...
exploit has been leaked to the underground.
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

  parent reply	other threads:[~2006-04-08 10:03 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-04-07 18:26 [LARTC] u32 and iptables do not work together Nataniel Klug
2006-04-07 18:45 ` Andreas Klauer
2006-04-07 19:09 ` Nataniel Klug
2006-04-07 19:54 ` Evgeni Gechev
2006-04-07 21:10 ` Jody Shumaker
2006-04-08 10:03 ` Piotr Chytla [this message]
2006-04-08 11:21 ` Nataniel Klug
2006-04-08 13:18 ` Piotr Chytla
2006-04-08 13:37 ` Andreas Klauer
2006-04-10 16:23 ` Nataniel Klug

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20060408100310.GA30546@packetconsulting.pl \
    --to=pch@packetconsulting.pl \
    --cc=lartc@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.