From mboxrd@z Thu Jan  1 00:00:00 1970
From: Andy Furniss <andy.furniss@dsl.pipex.com>
Date: Sat, 25 Feb 2006 16:04:06 +0000
Subject: Re: [LARTC] invert u32 match selector
Message-Id: <44007FF6.20302@dsl.pipex.com>
List-Id: <lartc.vger.kernel.org>
References: <20060221172517.6e5a433c.mailinglists@lucassen.org>
In-Reply-To: <20060221172517.6e5a433c.mailinglists@lucassen.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

richard lucassen wrote:
> On Wed, 22 Feb 2006 11:43:40 +0200
> "Vaidas" <admin@vdx.lt> wrote:
> 
> 
>>With u32 you cannot negate, that's why it is lame...
> 
> 
> And why doesn't this work? (I send all port 80 to 1.2.3.4 to class 14
> /before/ I send the rest to classid 13):
> 
> $TC filter add dev ${DEV_IFB} parent 1:0 prio 2 protocol ip u32 \
>   match ip protocol 0x6 0xff \
>   match ip dport 80 0xffff \
>   match ip dst 1.2.3.4/32 \
>   classid 1:14
> 
> $TC filter add dev ${DEV_IFB} parent 1:0 prio 2 protocol ip u32 \
>   match ip protocol 0x6 0xff \
>   match ip dport 80 0xffff \
>   classid 1:13
> 
> Any ideas?

Looks OK to me - try what Anton suggested to be safe but order is 
usually enough.

I guess IFB means this is ingress - if you are doing nat / or the ip you 
  match is on that machine maybe it not passing ifb with the address you 
expect.

Andy.
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc