* [LARTC] Hashing table based on FWMARK
@ 2004-08-12 5:53 Paul C. Diem
2004-08-12 10:13 ` George Alexandru Dragoi
2004-08-12 13:49 ` Paul C. Diem
0 siblings, 2 replies; 3+ messages in thread
From: Paul C. Diem @ 2004-08-12 5:53 UTC (permalink / raw)
To: lartc
We currently use iptables, matching packets based on IP address and marking
them with an ID. Multiple IP addresses can be marked with the same ID. We
then filter based on the ID. We have close to 2000 filters now and I'm
looking into hashing tables. Is there any way to create a hashing filter
based on the fwmark?
Paul C. Diem
PCDiem@FoxValley.net
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [LARTC] Hashing table based on FWMARK
2004-08-12 5:53 [LARTC] Hashing table based on FWMARK Paul C. Diem
@ 2004-08-12 10:13 ` George Alexandru Dragoi
2004-08-12 13:49 ` Paul C. Diem
1 sibling, 0 replies; 3+ messages in thread
From: George Alexandru Dragoi @ 2004-08-12 10:13 UTC (permalink / raw)
To: lartc
WTF is "hash" or "hash table" ? are you looking into:
ip rule help
?
On Thu, 12 Aug 2004 00:53:40 -0500, Paul C. Diem <pcdiem@foxvalley.net> wrote:
> We currently use iptables, matching packets based on IP address and marking
> them with an ID. Multiple IP addresses can be marked with the same ID. We
> then filter based on the ID. We have close to 2000 filters now and I'm
> looking into hashing tables. Is there any way to create a hashing filter
> based on the fwmark?
>
> Paul C. Diem
> PCDiem@FoxValley.net
>
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>
--
Bla bla
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 3+ messages in thread
* RE: [LARTC] Hashing table based on FWMARK
2004-08-12 5:53 [LARTC] Hashing table based on FWMARK Paul C. Diem
2004-08-12 10:13 ` George Alexandru Dragoi
@ 2004-08-12 13:49 ` Paul C. Diem
1 sibling, 0 replies; 3+ messages in thread
From: Paul C. Diem @ 2004-08-12 13:49 UTC (permalink / raw)
To: lartc
The hash tables created with:
tc filter add ... handle A: u32 divisor B
and distributed to with:
tc filter add ... u32 ht C:: match ... hashkey mask D at E link A:
the first line creates a hash table A with B entries and the second line
directs packets to the table entries based on the result of applying the
mask D to the match value. This substantially reduces the number filters
that need to be searched for each packet since the kernel can simply use the
hashkey as an index into the table.
What I want to do is direct packets to hash table entries based on the
firewall mark. I only see documentation and directing packets to hash table
entries using the u32 selector. Since the firewall mark is not part of the
packet itself, I can't use u32.
Paul C. Diem
PCDiem@FoxValley.net
> -----Original Message-----
> From: lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl]On
> Behalf Of George Alexandru Dragoi
> Sent: Thursday, August 12, 2004 5:14 AM
> To: lartc@mailman.ds9a.nl
> Subject: Re: [LARTC] Hashing table based on FWMARK
>
>
> WTF is "hash" or "hash table" ? are you looking into:
> ip rule help
> ?
>
> On Thu, 12 Aug 2004 00:53:40 -0500, Paul C. Diem
> <pcdiem@foxvalley.net> wrote:
> > We currently use iptables, matching packets based on IP address
> and marking
> > them with an ID. Multiple IP addresses can be marked with the
> same ID. We
> > then filter based on the ID. We have close to 2000 filters now and I'm
> > looking into hashing tables. Is there any way to create a hashing filter
> > based on the fwmark?
> >
> > Paul C. Diem
> > PCDiem@FoxValley.net
> >
> > _______________________________________________
> > LARTC mailing list / LARTC@mailman.ds9a.nl
> > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2004-08-12 13:49 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-08-12 5:53 [LARTC] Hashing table based on FWMARK Paul C. Diem
2004-08-12 10:13 ` George Alexandru Dragoi
2004-08-12 13:49 ` Paul C. Diem
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.