From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andreas Unterkircher Date: Thu, 01 Dec 2005 17:45:42 +0000 Subject: Re: [LARTC] Screening packets within tc-classes Message-Id: <438F36C6.6010906@netshadow.at> List-Id: References: <20051130.Dqk.80373300@egroupware.netshadow.at> In-Reply-To: <20051130.Dqk.80373300@egroupware.netshadow.at> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org Good suggestion to use ulog for this. So I could dump the exactly traffic which would run through a class (CLASSIFY) to analyze and extract the necessary data to draw the graphs. So I do not have to parse my class (IP or MAC) out of a full tcpdump stream. Sadly not possible with tc-filter. But perhaps I could do this for tc with Vincent Perrier's sch_spy module. Cheers, Andreas Patrick McHardy schrieb: > Andreas Unterkircher wrote: >> Hello list, >> >> I'm currently a bit planless so perhaps someone here could give me a >> point in >> the right direction. >> >> History: I wrote a shaper web tool (http://shaper.netshadow.at) and >> now got >> several feature requests if it would be possible to graph "what's >> going on" >> (this mean per IP address, tcp/udp ports or protocols) in a specific >> chain. A >> chain represents a specific tc-class. Packets get into this chains via >> tc-filter or iptables MARK. >> >> Currently I'm drawing graphs with data got from the dequeuing >> counters via tc >> -s class show dev ${IF}. Not the best way - I know - but it was >> enough till >> yet. >> >> Now the question is - is it possible to get direct access to network >> packets >> that flow through a specifc tc-class? >> >> I was thinking about iptables and dumping the MARK-value via libpcap. >> But I >> don't think that this will work because the pcap-filter is attached >> to the >> device itself before the iptables rules (like the restore-mark) are >> acting. So >> I guess libpcap will not see this. > > No it won't, but its not able to use the netfilter mark anyway. One way > would be to use the ipt action combined with the ULOG target and send > packets to userspace that way. _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc