From: "Rodrigo P. Telles" <telles@devel-it.com.br>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] Strange behavior deleting filters
Date: Fri, 09 Jan 2004 11:27:16 +0000 [thread overview]
Message-ID: <3FFE9014.2060401@devel-it.com.br> (raw)
In-Reply-To: <3FFD829F.304@pobox.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Lars,
It's about the discussion of "deleting filter rules", and this "method" (using
handle) was explaned by Patrick (see the list history).
Telles
Lars Landmark wrote:
| Hi;
|
| no clue :-(
| May I ask why you are using "handle" and not "parent" since HTB is used?
| And what eventually are the differences?
|
| Lars
|
|
|
|>-----BEGIN PGP SIGNED MESSAGE-----
|>Hash: SHA1
|>
|>Lars,
|>
|>I knew that (I use this form, but with handle, it doesn't work), but if what you
|>said is truth, the folowing command would have work:
|>
|>tc filter del dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip
|>src 10.10.10.10 flowid 1:12
|>RTNETLINK answers: No such file or directory
|>
|>|>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip
|>src 10.10.10.11 flowid 1:12
|>
|>What you thing about that ?
|>
|>Telles
|>
|>Lars Landmark wrote:
|>|
|>| Hi Rodrigo;
|>|
|>| When you add a new filter rule, you write "tc filter add .....". If you
|>| now substitute add with del, you are able to delete the right filter
|>| without any other filters being deleted.
|>|
|>| Hope this helps.
|>|
|>| Lars
|>|
|>|
|>| On Thu, 8 Jan 2004, Rodrigo P. Telles wrote:
|>|
|>|
|>|>-----BEGIN PGP SIGNED MESSAGE-----
|>|>Hash: SHA1
|>|>
|>|>Patrick,
|>|>
|>|>Based in your explanation, I tried that:
|>|>
|>|># adding root qdisc, class and filters
|>|>tc qdisc add dev eth0 root handle 1: htb
|>|>tc class add dev eth0 parent 1: classid 1:10 htb rate 768Kbit
|>|>tc class add dev eth0 parent 1:1 classid 1:11 htb rate 512Kbit
|>|>tc class add dev eth0 parent 1:1 classid 1:12 htb rate 256Kbit
|>|>
|>|>tc qdisc add dev eth0 parent 1:11 handle 11: sfq
|>|>tc qdisc add dev eth0 parent 1:12 handle 12: sfq
|>|>
|>|>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::11 u32 match ip
|>|>src 10.10.10.10 flowid 1:11
|>|>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip
|>|>src 10.10.10.11 flowid 1:12
|>|>
|>|># tc filter show dev eth0
|>|>filter parent 1: protocol ip pref 1 u32
|>|>filter parent 1: protocol ip pref 1 u32 fh 800: ht divisor 1
|>|>filter parent 1: protocol ip pref 1 u32 fh 800::11 order 17 key ht 800 bkt 0
|>|>flowid 1:11
|>|>~ match 0a0a0a0a/ffffffff at 12
|>|>filter parent 1: protocol ip pref 1 u32 fh 800::12 order 18 key ht 800 bkt 0
|>|>flowid 1:12
|>|>~ match 0a0a0a0b/ffffffff at 12
|>|>
|>|># deleting a rule
|>|>tc filter del dev eth0 parent 1:0 protocol ip prio 1 handle ::12
|>|>Must specify filter type when using "handle"
|>|>
|>|>Humm, I got back to LARTC Howto, but I can't found anything about "filter
type" !
|>|>
|>|>What's wrong ?
|>|>
|>|>Telles
|>|>
|>|>
|>|>Patrick McHardy wrote:
|>|>| Andre Correa wrote:
|>|>|
|>|>|>
|>|>|> Patrick, tks for the info but I'm sure I got your idea.
|>|>|>
|>|>|> A filter handle is something like: "804::800" right?
|>|>|
|>|>|
|>|>| Not exactly. How handles are handled depends on the classifier,
|>|>| fw classifier for example uses its own handle to match the nfmark,
|>|>| route creates handles of its own and errors if the handle supplied
|>|>| from userspace differs.
|>|>|
|>|>| Maybe a example clears things up:
|>|>| <add filters>
|>|>| tc filter add dev lo protocol ip parent 1: pref 1 route from 4 flowid 1:100
|>|>| tc filter add dev lo protocol ip parent 1: pref 1 route from 5 flowid 1:200
|>|>| tc filter add dev lo protocol ip parent 1: pref 1 route from 6 flowid 1:300
|>|>| tc filter add dev lo protocol ip parent 1: pref 1 route from 7 flowid 1:400
|>|>| tc filter add dev lo protocol ip parent 1: pref 1 route from 8 flowid 1:500
|>|>|
|>|>| <show filters>
|>|>| filter protocol ip pref 1 route
|>|>| filter protocol ip pref 1 route fh 0x00048000 flowid 1:100 from 4
|>|>| filter protocol ip pref 1 route fh 0x00058000 flowid 1:200 from 5
|>|>| filter protocol ip pref 1 route fh 0x00068000 flowid 1:300 from 6
|>|>| filter protocol ip pref 1 route fh 0x00078000 flowid 1:400 from 7
|>|>| filter protocol ip pref 1 route fh 0x00088000 flowid 1:500 from 8
|>|>|
|>|>| As you can see the route classifier uses realm | 0x8000.
|>|>|
|>|>| <delete filters>
|>|>| tc filter del dev lo pref 1 handle 0x00048000 route
|>|>| tc filter del dev lo pref 1 handle 0x00058000 route
|>|>| tc filter del dev lo pref 1 handle 0x00068000 route
|>|>| tc filter del dev lo pref 1 handle 0x00078000 route
|>|>| tc filter del dev lo pref 1 handle 0x00088000 route
|>|>|
|>|>| <show filters again>
|>|>| filter protocol ip pref 1 route
|>|>|
|>|>| Only the container of the single filters is left. To destroy it, delete by
|>|>| priority: "tc filter del dev lo pref 1".
|>|>|
|>|>| Hope that helps.
|>|>|
|>|>| Patrick
|>|>|
|>|>|
|>|>|> I've tried this (supose classes 1:1 and 1:2 exist):
|>|>|>
|>|>|> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::10 u32
|>|>|> match ip src 10.10.10.10 flowid 1:1
|>|>|> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::11 u32
|>|>|> match ip src 10.10.10.11 flowid 1:2
|>|>|>
|>|>|> and then:
|>|>|>
|>|>|> tc filter del dev eth1 parent 1: protocol ip prio 1 handle ::11
|>|>|>
|>|>|> but both filter are deleted...
|>|>|>
|>|>|> Am I missing something?
|>|>|>
|>|>|> tks a lot...
|>|>|>
|>|>|> Andre
|>|>|>
|>|>|
|>|>|
|>|>| _______________________________________________
|>|>| LARTC mailing list / LARTC@mailman.ds9a.nl
|>|>| http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
|>|>|
|>|>|
|>|>
|>|>- --
|>|>- ------------------------------------------------------
|>|>Rodrigo P. Telles <telles@devel-it.com.br>
|>|>Gerente de Projetos - http://www.devel-it.com.br
|>|>Devel-IT - Uma empresa do Grupo TDKOM
|>|>- ------------------------------------------------------
|>|>-----BEGIN PGP SIGNATURE-----
|>|>Version: GnuPG v1.0.7 (GNU/Linux)
|>|>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
|>|>
|>|>iD8DBQE//eiViLK8unYgEMQRAv1PAJ96witXRlYUwPW5fqDySWURu3VLcQCdGrx3
|>|>Ly6eZtiaSTtrWMrpPm9MxnQ|>|>=rhE2
|>|>-----END PGP SIGNATURE-----
|>|>
|>|>_______________________________________________
|>|>LARTC mailing list / LARTC@mailman.ds9a.nl
|>|>http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
|>|>
|>|
|>|
|>|
|>
|>- --
|>- ------------------------------------------------------
|>Rodrigo P. Telles <telles@devel-it.com.br>
|>Gerente de Projetos - http://www.devel-it.com.br
|>Devel-IT - Uma empresa do Grupo TDKOM
|>- ------------------------------------------------------
|>-----BEGIN PGP SIGNATURE-----
|>Version: GnuPG v1.0.7 (GNU/Linux)
|>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
|>
|>iD8DBQE//oZRiLK8unYgEMQRArqRAJwN4Ho/a7sQHVQAejb32iIdNbKYqACdG7kI
|>C+1AYYFiTKvXabVcluSnR6E|>ÉXe
|>-----END PGP SIGNATURE-----
|>
|>_______________________________________________
|>LARTC mailing list / LARTC@mailman.ds9a.nl
|>http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
|>
|
| _______________________________________________
| LARTC mailing list / LARTC@mailman.ds9a.nl
| http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
|
|
- --
- ------------------------------------------------------
Rodrigo P. Telles <telles@devel-it.com.br>
Gerente de Projetos - http://www.devel-it.com.br
Devel-IT - Uma empresa do Grupo TDKOM
- ------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE//pAUiLK8unYgEMQRAjeLAJ9ZCyPiKNcoENEgcCvfzIF1wJ2IlgCfel0D
BmAJ97csB8BxXywGwmLVrDM=JpSS
-----END PGP SIGNATURE-----
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
next prev parent reply other threads:[~2004-01-09 11:27 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-01-08 16:17 [LARTC] Strange behavior deleting filters Andre Correa
2004-01-08 18:02 ` Andre Correa
2004-01-08 18:46 ` Rodrigo P. Telles
2004-01-08 19:02 ` Andre Correa
2004-01-08 19:27 ` Rodrigo P. Telles
2004-01-08 20:31 ` Patrick McHardy
2004-01-08 21:26 ` Patrick McHardy
2004-01-08 22:55 ` Rodrigo P. Telles
2004-01-08 23:32 ` Rodrigo P. Telles
2004-01-09 10:45 ` Rodrigo P. Telles
2004-01-09 11:00 ` Lars Landmark
2004-01-09 11:27 ` Rodrigo P. Telles [this message]
2004-01-09 13:37 ` Andre Correa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3FFE9014.2060401@devel-it.com.br \
--to=telles@devel-it.com.br \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.