From mboxrd@z Thu Jan  1 00:00:00 1970
From: "yang,fang" <yangfang@fudan.edu.cn>
Date: Mon, 24 Sep 2007 11:07:28 +0000
Subject: [LARTC] trouble when using IPMARK module
Message-Id: <0JOV0014XDDSON@mail.fudan.edu.cn>
MIME-Version: 1
Content-Type: multipart/mixed; boundary="===============0373188169=="
List-Id: <lartc.vger.kernel.org>
To: lartc@vger.kernel.org

This is a multi-part message in MIME format.

--===============0373188169==
Content-type: multipart/alternative;
	boundary="Boundary_(ID_lUyULI28fXyzXvSF5pfCiA)"

This is a multi-part message in MIME format.

--Boundary_(ID_lUyULI28fXyzXvSF5pfCiA)
Content-type: text/plain; charset=US-ASCII
Content-transfer-encoding: 7BIT

Hello,

 

I am trying to use iptables together with tc

I need to use IPMARK module of iptables, but I got a strange error after I
run 'iptables -t mangle -A POSTROUTING -o eth0 -j IPMARK --addr=dst
--and-mask=0xffff --or-mask=0x1000'

The command is copied from iptables manual itself (of course interface
changed)

I only got " iptables v1.3.5: Unknown arg `--addr=dst'

Try `iptables -h' or 'iptables --help' for more information."

 

Environment: CentOS5, iproute2-ss061002, iptables v1.3.5

I have tried several servers and got the same error.

 

Any further ideas?

Many thanks.

 

Regards,

yfang

 


--Boundary_(ID_lUyULI28fXyzXvSF5pfCiA)
Content-type: text/html; charset=US-ASCII
Content-transfer-encoding: 7BIT

<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns="http://www.w3.org/TR/REC-html40">

<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 11 (filtered medium)">
<style>
<!--
 /* Font Definitions */
 @font-face
	{font-family:&#23435;&#20307;;
	panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
	{font-family:"\@&#23435;&#20307;";
	panose-1:2 1 6 0 3 1 1 1 1 1;}
 /* Style Definitions */
 p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0cm;
	margin-bottom:.0001pt;
	text-align:justify;
	text-justify:inter-ideograph;
	font-size:10.5pt;
	font-family:"Times New Roman";}
a:link, span.MsoHyperlink
	{color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{color:purple;
	text-decoration:underline;}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:Arial;
	color:windowtext;}
 /* Page Definitions */
 @page Section1
	{size:595.3pt 841.9pt;
	margin:72.0pt 90.0pt 72.0pt 90.0pt;
	layout-grid:15.6pt;}
div.Section1
	{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
 <o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
 <o:shapelayout v:ext="edit">
  <o:idmap v:ext="edit" data="1" />
 </o:shapelayout></xml><![endif]-->
</head>

<body lang=ZH-CN link=blue vlink=purple style='text-justify-trim:punctuation'>

<div class=Section1 style='layout-grid:15.6pt'>

<p class=MsoNormal style='layout-grid-mode:char'><font size=1 face=Arial><span
lang=EN-US style='font-size:9.0pt;font-family:Arial'>Hello,<o:p></o:p></span></font></p>

<p class=MsoNormal style='layout-grid-mode:char'><font size=1 face=Arial><span
lang=EN-US style='font-size:9.0pt;font-family:Arial'><o:p>&nbsp;</o:p></span></font></p>

<p class=MsoNormal style='layout-grid-mode:char'><font size=1 face=Arial><span
lang=EN-US style='font-size:9.0pt;font-family:Arial'>I am trying to use
iptables together with tc<o:p></o:p></span></font></p>

<p class=MsoNormal style='layout-grid-mode:char'><font size=1 face=Arial><span
lang=EN-US style='font-size:9.0pt;font-family:Arial'>I need to use IPMARK
module of iptables, but I got a strange error after I run &#8216;iptables -t mangle
-A POSTROUTING -o eth0 -j IPMARK --addr=dst --and-mask=0xffff --or-mask=0x1000&#8217;<o:p></o:p></span></font></p>

<p class=MsoNormal style='layout-grid-mode:char'><font size=1 face=Arial><span
lang=EN-US style='font-size:9.0pt;font-family:Arial'>The command is copied from
iptables manual itself (of course interface changed)<o:p></o:p></span></font></p>

<p class=MsoNormal style='layout-grid-mode:char'><font size=1 face=Arial><span
lang=EN-US style='font-size:9.0pt;font-family:Arial'>I only got &#8220; iptables
v1.3.5: Unknown arg `--addr=dst'<o:p></o:p></span></font></p>

<p class=MsoNormal style='layout-grid-mode:char'><font size=1 face=Arial><span
lang=EN-US style='font-size:9.0pt;font-family:Arial'>Try `iptables -h' or
'iptables --help' for more information.&#8221;<o:p></o:p></span></font></p>

<p class=MsoNormal style='layout-grid-mode:char'><font size=1 face=Arial><span
lang=EN-US style='font-size:9.0pt;font-family:Arial'><o:p>&nbsp;</o:p></span></font></p>

<p class=MsoNormal style='layout-grid-mode:char'><font size=1 face=Arial><span
lang=EN-US style='font-size:9.0pt;font-family:Arial'>Environment: CentOS5,
iproute2-ss061002, iptables v1.3.5<o:p></o:p></span></font></p>

<p class=MsoNormal style='layout-grid-mode:char'><font size=1 face=Arial><span
lang=EN-US style='font-size:9.0pt;font-family:Arial'>I have tried several
servers and got the same error.<o:p></o:p></span></font></p>

<p class=MsoNormal style='layout-grid-mode:char'><font size=1 face=Arial><span
lang=EN-US style='font-size:9.0pt;font-family:Arial'><o:p>&nbsp;</o:p></span></font></p>

<p class=MsoNormal style='layout-grid-mode:char'><font size=1 face=Arial><span
lang=EN-US style='font-size:9.0pt;font-family:Arial'>Any further ideas?<o:p></o:p></span></font></p>

<p class=MsoNormal style='layout-grid-mode:char'><font size=1 face=Arial><span
lang=EN-US style='font-size:9.0pt;font-family:Arial'>Many thanks.<o:p></o:p></span></font></p>

<p class=MsoNormal style='layout-grid-mode:char'><font size=1 face=Arial><span
lang=EN-US style='font-size:9.0pt;font-family:Arial'><o:p>&nbsp;</o:p></span></font></p>

<p class=MsoNormal style='layout-grid-mode:char'><font size=1 face=Arial><span
lang=EN-US style='font-size:9.0pt;font-family:Arial'>Regards,<o:p></o:p></span></font></p>

<p class=MsoNormal style='layout-grid-mode:char'><font size=1 face=Arial><span
lang=EN-US style='font-size:9.0pt;font-family:Arial'>yfang<o:p></o:p></span></font></p>

<p class=MsoNormal><font size=1 face=Arial><span lang=EN-US style='font-size:
9.0pt;font-family:Arial'><o:p>&nbsp;</o:p></span></font></p>

</div>

</body>

</html>

--Boundary_(ID_lUyULI28fXyzXvSF5pfCiA)--

--===============0373188169==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

--===============0373188169==--

From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Peter V. Saveliev" <peet@altlinux.org>
Date: Mon, 24 Sep 2007 12:17:20 +0000
Subject: Re: [LARTC] trouble when using IPMARK module
Message-Id: <200709241617.20483.peet@altlinux.org>
List-Id: <lartc.vger.kernel.org>
References: <0JOV0014XDDSON@mail.fudan.edu.cn>
In-Reply-To: <0JOV0014XDDSON@mail.fudan.edu.cn>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
To: lartc@vger.kernel.org

В сообщении от Monday 24 September 2007 15:07:28 yang,fang написал(а):
> Hello,
>
>
>
> I am trying to use iptables together with tc
>
> I need to use IPMARK module of iptables, but I got a strange error after I
> run 'iptables -t mangle -A POSTROUTING -o eth0 -j IPMARK --addr=dst
> --and-mask=0xffff --or-mask=0x1000'
>
> The command is copied from iptables manual itself (of course interface
> changed)
>
> I only got " iptables v1.3.5: Unknown arg `--addr=dst'
>
<skip />

I think, your iptables just does not have IPMARK extension, which was cleaned 
from pom tree. You can check it with shell command:

$ ls -l /lib/iptables/ | grep IPMARK || echo no IPMARK found

If you still want to have separate buckets for every destination IP and do not 
want to build iptables extension by yourself, you can use tc filter with 
hashing.

I have a ip/tc management tool, which can build such solutions with simple 
configs like that:

!
egress htb
	rate 100Mbit
	!
	class-factory 10.0.0.0/24
		rate 64Kbit
	class-factory 10.0.1.0/24
		rate 128Kbit

But I wrote no English documentation yet. If there is need for such tool and 
there will be anyone to proofread very-bad-English docs, I can try to write 
it.	

-- 
Peter V. Saveliev
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

From mboxrd@z Thu Jan  1 00:00:00 1970
From: Mohan Sundaram <mohan.tux@gmail.com>
Date: Mon, 24 Sep 2007 13:44:09 +0000
Subject: Re: [LARTC] trouble when using IPMARK module
Message-Id: <46F7BC59.2060708@vsnl.com>
List-Id: <lartc.vger.kernel.org>
References: <0JOV0014XDDSON@mail.fudan.edu.cn>
In-Reply-To: <0JOV0014XDDSON@mail.fudan.edu.cn>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

Peter V. Saveliev wrote:
> But I wrote no English documentation yet. If there is need for such tool and 
> there will be anyone to proofread very-bad-English docs, I can try to write 
> it.	
> 
Please send me the docs and I'll turn it around in a couple of days.

Mohan
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc