From mboxrd@z Thu Jan  1 00:00:00 1970
From: bert hubert <ahu@ds9a.nl>
Date: Fri, 14 Dec 2001 12:58:48 +0000
Subject: Re: [LARTC] tc: u32 match in nexthdr not working?
Message-Id: <marc-lartc-100833477329839@msgid-missing>
List-Id: <lartc.vger.kernel.org>
References: <marc-lartc-100827285418750@msgid-missing>
In-Reply-To: <marc-lartc-100827285418750@msgid-missing>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

On Fri, Dec 14, 2001 at 02:56:57PM +0200, Julian Anastasov wrote:

> > The difference as shown by tc filter show dev eth0 parent ffff:
> > is that ip sport -> "match 0c380000/ffff0000 at 20"
> >         tcp src ->  "match 0c380000/ffff0000 at nexthdr+0".

> not know that you are using IPv4, so the value 20 can not be
> guessed. For this, "offset" is used to extract the iphdr->ihl
> value and to use it as a base for all nexthdr+ relative offsets.

Damn, that's broken. Or at least, extremely non-obvious and hard to get
working. Overly universal comes to mind. So 'ip sport' would stop matching
packets with ip options?

Thanks for enlightening us - will update the HOWTO to this effect.

Regards,

bert

-- 
http://www.PowerDNS.com          Versatile DNS Software & Services
Trilab                                 The Technology People
Netherlabs BV / Rent-a-Nerd.nl           - Nerd Available -
'SYN! .. SYN|ACK! .. ACK!' - the mating call of the internet

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/