HTB and src/dst filters

[Alex Regan <mysqlstudent@gmail.com>]

Hi,
I posted a message a few days ago and haven't received any responses, so 
thought I would try and simplify my post and ask a few more specific 
questions.

I'm using tc on fedora20 and can't figure out why I can't get it to 
filter ssh traffic originating from the backup server to port 22 on the 
mail server.

tc qdisc del dev eth0 root
tc qdisc add dev eth0 root handle 1: htb default 20
tc class add dev eth0 parent 1: classid 1:1 htb rate 1000mbit burst 15k
tc class add dev eth0 parent 1:1 classid 1:10 htb rate 900mbit ceil 
1000mbit burst 15k prio 1
tc class add dev eth0 parent 1:1 classid 1:20 htb rate 2mbit ceil 3mbit 
burst 15k prio 1
tc qdisc add dev eth0 parent 1:10 handle 10: sfq perturb 10
tc qdisc add dev eth0 parent 1:20 handle 20: sfq perturb 10
tc filter add dev eth0 protocol ip parent 1: prio 1 u32 match ip src \
     1.2.3.4/32 match ip dport 22 0xffff flowid 1:10

I'm expecting ssh traffic from 1.2.3.4 to be filtered through 1:10 while 
everything else to be sent through 1:20.

I'm aware of how to display the traffic counts with 'tc ls' but is there 
a way to monitor the actual packets on a specific filter?

Can I assume that if I have two filters set up that the traffic is going 
through either one or the other?

I was also confused by some of the examples that used port 80 (or 22 in 
my case) as the SOURCE port:

On source/destination port, all IP protocols
     Source: 'match ip sport 80 0xffff', destination: 'match ip dport 80 
0xffff'

How would you ever have port 80 as a SOURCE? Any connections to a web 
server is going to use an unprivileged high port to DESTINATION port 80, 
correct?

Thanks,
Alex