From mboxrd@z Thu Jan 1 00:00:00 1970 From: Upma Gandhi Subject: marking all h323 packets with some TOS Date: Thu, 09 Jan 2003 13:43:29 +0530 Sender: netfilter-admin@lists.netfilter.org Message-ID: <3E1D2F29.6443D681@networkprograms.com> Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="------------7B4AB69A424A61F597E012D1" Return-path: Errors-To: netfilter-admin@lists.netfilter.org List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: To: netfilter --------------7B4AB69A424A61F597E012D1 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hello All, I have a following setup Internet <-> Router with netfilter configure <-> LAN(192.9.201.0/24) lets supopose eth0 is LAN side Interface and eth1 is WAN side interface. what I want to do is "Mark all h323 packets with some tos value". for which my iptables command seems to be like this- iptables -t mangle -A FORWARD -o eth0 -d 192.9.201.0/24 -p tcp -m rtp -j FTOS --set-ftos 0xb8. but it's giving an error message - iptable: No chain/target/match by tha rule. Can anybody help me out. Thanks & Regards Upma --------------7B4AB69A424A61F597E012D1 Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit Hello All,
         I have a following setup

Internet <-> Router with netfilter configure <-> LAN(192.9.201.0/24)

lets supopose eth0 is LAN side Interface and
eth1 is WAN side interface.

what I want to do is "Mark all h323 packets with some tos value".
for which my iptables  command seems to be like this-
     iptables -t mangle -A FORWARD -o eth0 -d 192.9.201.0/24 -p tcp -m rtp -j FTOS --set-ftos 0xb8.

but it's giving an error message -
iptable: No chain/target/match by tha rule.

Can anybody help me out.

Thanks & Regards
Upma
  --------------7B4AB69A424A61F597E012D1-- From mboxrd@z Thu Jan 1 00:00:00 1970 From: Raymond Leach Subject: Re: marking all h323 packets with some TOS Date: 09 Jan 2003 10:44:18 +0200 Sender: netfilter-admin@lists.netfilter.org Message-ID: <1042101858.26554.125.camel@rayw.knowledgefactory.co.za> References: <3E1D2F29.6443D681@networkprograms.com> Reply-To: raymondl@knowledgefactory.co.za Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-GErj172ppc/YOIIBHV6y" Return-path: In-Reply-To: <3E1D2F29.6443D681@networkprograms.com> Errors-To: netfilter-admin@lists.netfilter.org List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: To: Upma Gandhi Cc: Netfilter Mailing List --=-GErj172ppc/YOIIBHV6y Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Sounds like it doesn't understand the -j FTOS. Maybe a missing module or not compiled into the kernel? On Thu, 2003-01-09 at 10:13, Upma Gandhi wrote: > Hello All,=20 > I have a following setup=20 >=20 > Internet <-> Router with netfilter configure <-> LAN(192.9.201.0/24)=20 >=20 > lets supopose eth0 is LAN side Interface and=20 > eth1 is WAN side interface.=20 >=20 > what I want to do is "Mark all h323 packets with some tos value".=20 > for which my iptables command seems to be like this-=20 > iptables -t mangle -A FORWARD -o eth0 -d 192.9.201.0/24 -p tcp -m > rtp -j FTOS --set-ftos 0xb8.=20 >=20 > but it's giving an error message -=20 > iptable: No chain/target/match by tha rule.=20 >=20 > Can anybody help me out.=20 >=20 > Thanks & Regards=20 > Upma=20 > =20 --=20 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ( Raymond Leach ) ) Knowledge Factory ( ( ) ) Tel: +27 11 445 8100 ( ( Fax: +27 11 445 8101 ) ) ( ( http://www.knowledgefactory.co.za/ ) ) http://www.saptg.co.za/ ( ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ o o o o .--. .--. | o_o| |o_o | | \_:| |:_/ | / / \\ // \ \ ( | |) (| | ) /`\_ _/'\ /'\_ _/`\ \___)=3D(___/ \___)=3D(___/ --=-GErj172ppc/YOIIBHV6y Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQA+HTZih1fuR/Bv+ygRArE2AKCB8R4mDStoDYXRhyVqE9hHaS9J8QCeKeqW Nvjwg/E7ovmftgo9TVOwS3Y= =JHDm -----END PGP SIGNATURE----- --=-GErj172ppc/YOIIBHV6y-- From mboxrd@z Thu Jan 1 00:00:00 1970 From: Upma Gandhi Subject: Re: marking all h323 packets with some TOS Date: Thu, 09 Jan 2003 17:13:09 +0530 Sender: netfilter-admin@lists.netfilter.org Message-ID: <3E1D604D.18388311@networkprograms.com> References: <3E1D2F29.6443D681@networkprograms.com> <1042101858.26554.125.camel@rayw.knowledgefactory.co.za> Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Return-path: Errors-To: netfilter-admin@lists.netfilter.org List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: Content-Type: text/plain; charset="us-ascii" To: raymondl@knowledgefactory.co.za, netfilter Hello Raymond, Thanks for your help. Modules are not missing and they are compiled also. But one doubt , in ip_conntarck_in function of ip_conntrack_core.c file. When it lokks for ct-helper, it's address is 0, means that helper are not register. But I've compiled h323& rtc helper, as I'm very new to iptables/netfilter, I don't have any idea what does this means ? Regards Upma Raymond Leach wrote: > Sounds like it doesn't understand the -j FTOS. Maybe a missing module or > not compiled into the kernel? > > On Thu, 2003-01-09 at 10:13, Upma Gandhi wrote: > > Hello All, > > I have a following setup > > > > Internet <-> Router with netfilter configure <-> LAN(192.9.201.0/24) > > > > lets supopose eth0 is LAN side Interface and > > eth1 is WAN side interface. > > > > what I want to do is "Mark all h323 packets with some tos value". > > for which my iptables command seems to be like this- > > iptables -t mangle -A FORWARD -o eth0 -d 192.9.201.0/24 -p tcp -m > > rtp -j FTOS --set-ftos 0xb8. > > > > but it's giving an error message - > > iptable: No chain/target/match by tha rule. > > > > Can anybody help me out. > > > > Thanks & Regards > > Upma > > > -- > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > ( Raymond Leach ) > ) Knowledge Factory ( > ( ) > ) Tel: +27 11 445 8100 ( > ( Fax: +27 11 445 8101 ) > ) ( > ( http://www.knowledgefactory.co.za/ ) > ) http://www.saptg.co.za/ ( > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > o o > o o > .--. .--. > | o_o| |o_o | > | \_:| |:_/ | > / / \\ // \ \ > ( | |) (| | ) > /`\_ _/'\ /'\_ _/`\ > \___)=(___/ \___)=(___/ > > ------------------------------------------------------------------------ > Name: signature.asc > signature.asc Type: application/pgp-signature > Description: This is a digitally signed message part From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ranjeet Shetye Subject: Re: marking all h323 packets with some TOS Date: Thu, 09 Jan 2003 05:37:19 +0100 Sender: netfilter-admin@lists.netfilter.org Message-ID: <1042087039.1691.20.camel@knoppix> References: <3E1D2F29.6443D681@networkprograms.com> <1042101858.26554.125.camel@rayw.knowledgefactory.co.za> <3E1D604D.18388311@networkprograms.com> Mime-Version: 1.0 Content-Transfer-Encoding: 7BIT Return-path: In-reply-to: <3E1D604D.18388311@networkprograms.com> Errors-To: netfilter-admin@lists.netfilter.org List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: Content-Type: text/plain; charset="us-ascii" To: netfilter@lists.netfilter.org Are the modules loaded into the kernel ? run an lsmod and make sure that the modules are loaded. Otherwise you will need to use insmod or modprobe to load the modules into the kernel you might want to do this in some startup script so that the modules are loaded on bootup. Ranjeet Shetye. On Thu, 2003-01-09 at 12:43, Upma Gandhi wrote: > Hello Raymond, > Thanks for your help. > Modules are not missing and they are compiled also. > But one doubt , in ip_conntarck_in function of ip_conntrack_core.c file. > When it lokks for ct-helper, it's address is 0, means that helper are > not register. > But I've compiled h323& rtc helper, as I'm very new to > iptables/netfilter, I don't have any idea what does this means ? > > Regards > Upma > > Raymond Leach wrote: > > > Sounds like it doesn't understand the -j FTOS. Maybe a missing module or > > not compiled into the kernel? > > > > On Thu, 2003-01-09 at 10:13, Upma Gandhi wrote: > > > Hello All, > > > I have a following setup > > > > > > Internet <-> Router with netfilter configure <-> LAN(192.9.201.0/24) > > > > > > lets supopose eth0 is LAN side Interface and > > > eth1 is WAN side interface. > > > > > > what I want to do is "Mark all h323 packets with some tos value". > > > for which my iptables command seems to be like this- > > > iptables -t mangle -A FORWARD -o eth0 -d 192.9.201.0/24 -p tcp -m > > > rtp -j FTOS --set-ftos 0xb8. > > > > > > but it's giving an error message - > > > iptable: No chain/target/match by tha rule. > > > > > > Can anybody help me out. > > > > > > Thanks & Regards > > > Upma > > > > > -- > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > ( Raymond Leach ) > > ) Knowledge Factory ( > > ( ) > > ) Tel: +27 11 445 8100 ( > > ( Fax: +27 11 445 8101 ) > > ) ( > > ( http://www.knowledgefactory.co.za/ ) > > ) http://www.saptg.co.za/ ( > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > o o > > o o > > .--. .--. > > | o_o| |o_o | > > | \_:| |:_/ | > > / / \\ // \ \ > > ( | |) (| | ) > > /`\_ _/'\ /'\_ _/`\ > > \___)=(___/ \___)=(___/ > > > > ------------------------------------------------------------------------ > > Name: signature.asc > > signature.asc Type: application/pgp-signature > > Description: This is a digitally signed message part > >