[LARTC] u32 and iptables do not work together

From: Nataniel Klug <nata@cnett.com.br>
To: lartc@vger.kernel.org
Subject: [LARTC] u32 and iptables do not work together
Date: Fri, 07 Apr 2006 18:26:00 +0000	[thread overview]
Message-ID: <4436AEB8.1070300@cnett.com.br> (raw)

    Hello all,

    I am trying to make a filter into my QoS rules and I founded that 
when I try to use filters u32 and with fwmark they do not work together. 
This is the filter I use, just and example, for u32:

$TC filter add dev $DL parent 1:0 protocol ip prio 1 u32 match ip sport 
22 0xffff flowid 1:10

    This is working fine. Now if I try to mark a package that I want it 
to go to the same class (1:10) it get an error:

$IPT -t mangle -A PREROUTING -s 200.163.208.4 -j MARK --set-mark 10

    Then I tryed to make the filter for this:

$TC filter add dev $DL parent 1:0 protocol ip prio 1 handle 10 fw 
classid 1:10

RETURNS:

[root@ns1 rc.d]# /sbin/tc filter add dev eth3 parent 1:0 protocol ip 
prio 1 handle 10 fw classid 1:10
RTNETLINK answers: Invalid argument
We have an error talking to the kernel
[root@ns1 rc.d]#

    Anyone knows what can I do? My full script (the one that is working 
fine is at the end).

Att,

Nataniel Klug


------
#!/bin/sh
#------
# Script de QoS Cyber Nett
#------
# Nataniel Klug
# suporte@cnett.com.br
#------

TC="/sbin/tc"
IPT="/usr/local/sbin/iptables"

DL="eth3"

#------
# Apagando regras antigas de QoS
#------
$TC qdisc del dev $DL root    2> /dev/null > /dev/null
$TC qdisc del dev $DL ingress 2> /dev/null > /dev/null

#------
# Regras para a placa eth1
#------
$TC qdisc add dev $DL root handle 1: htb default 50

CLASS="/sbin/tc class add dev $DL parent"
$CLASS 1: classid 1:1 htb rate 3072Kbit
$CLASS 1:1 classid 1:10 htb rate 256Kbit prio 1
$CLASS 1:1 classid 1:20 htb rate 1024Kbit ceil 2048Kbit prio 2
$CLASS 1:1 classid 1:30 htb rate 512Kbit ceil 512Kbit prio 3
$CLASS 1:1 classid 1:40 htb rate 512Kbit ceil 512Kbit prio 3
$CLASS 1:1 classid 1:50 htb rate 512Kbit ceil 512Kbit prio 4

QDISC="/sbin/tc qdisc add dev $DL parent"
$QDISC 1:10 handle 10: sfq perturb 10
$QDISC 1:20 handle 20: sfq perturb 10
$QDISC 1:30 handle 30: sfq perturb 10
$QDISC 1:40 handle 40: sfq perturb 10
$QDISC 1:50 handle 50: sfq perturb 10

FILTER="/sbin/tc filter add dev $DL parent 1:0 protocol ip prio 1 u32"

$FILTER match ip protocol 1 0xff flowid 1:10
$FILTER match ip sport 22 0xffff flowid 1:10
$FILTER match ip sport 23 0xffff flowid 1:10
$FILTER match ip sport 2202 0xffff flowid 1:10

$FILTER match ip sport 6121 0xffff flowid 1:10
$FILTER match ip sport 5121 0xffff flowid 1:10

$FILTER match ip sport 80 0xffff flowid 1:20
$FILTER match ip sport 443 0xffff flowid 1:20
$FILTER match ip sport 3128 0xffff flowid 1:20
$FILTER match ip src 200.189.176.206/32 flowid 1:20
$FILTER match ip src 200.189.176.205/32 flowid 1:20
$FILTER match ip sport 5065 0xffff flowid 1:20
$FILTER match ip sport 5070 0xffff flowid 1:20

$FILTER match ip sport 53 0xffff flowid 1:30
$FILTER match ip sport 25 0xffff flowid 1:30
$FILTER match ip sport 110 0xffff flowid 1:30

$FILTER match ip sport 21 0xffff flowid 1:40
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc