* [LARTC] icmp bandwidth restriction !!
@ 2002-03-06 17:24 Arindam Haldar
2002-03-07 6:34 ` Arindam Haldar
2002-03-07 7:19 ` Arindam Haldar
0 siblings, 2 replies; 3+ messages in thread
From: Arindam Haldar @ 2002-03-06 17:24 UTC (permalink / raw)
To: lartc
hi all
i want help in managing icmp traffic. this is what i tried -->
iptables -t mangle -A PREROUTING -d 10.0.0.0/8 -p 1 -j MARK --set-mark 4001
tc filter add dev eth4 parent 5:0 match protocol ip 1 prio 2 handle 4001
fw classid 5:105
i tried permutaion of >> match protocol ip 1 << but always getting
different errors.
i want to know whats the syntax for tc when i mark packets with iptables
of icmp type !
iptables -nvL PREROUTING -t mangle does shows figures indicating icmp
packets r inded being marked !
thanx in advance
A.H
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [LARTC] icmp bandwidth restriction !!
2002-03-06 17:24 [LARTC] icmp bandwidth restriction !! Arindam Haldar
@ 2002-03-07 6:34 ` Arindam Haldar
2002-03-07 7:19 ` Arindam Haldar
1 sibling, 0 replies; 3+ messages in thread
From: Arindam Haldar @ 2002-03-07 6:34 UTC (permalink / raw)
To: lartc
eth wrote:
> Arindam Haldar wrote:
>
>> i want help in managing icmp traffic. this is what i tried -->
>> iptables -t mangle -A PREROUTING -d 10.0.0.0/8 -p 1 -j MARK --set-mark
>> 4001
>>
>> tc filter add dev eth4 parent 5:0 match protocol ip 1 prio 2 handle
>> 4001 fw classid 5:105
>>
>> i tried permutaion of >> match protocol ip 1 << but always getting
>> different errors.
>> i want to know whats the syntax for tc when i mark packets with
>> iptables of icmp type !
>> iptables -nvL PREROUTING -t mangle does shows figures indicating icmp
>> packets r inded being marked !
>
> If only ICMP is the criterion why bother with iptables? Afterwall the
> u32 filter of tc can match pretty anything in terms of tcp/ip...
>
> If I'm not wrong for example
>
> tc filter add dev eth1 protocol ip parent 5:0 prio 2 match ip dst
> 10.0.0.0/8 match ip protocol 1 0xff flowid 5:105
>
> ... would create a filter to match all ICMP traffic destined to 10.0.0.0
>
# tc filter add dev eth4 parent 5:0 protocol ip prio 2 match ip dst
10.0.0.0/8 match ip protocol 1 0xff flowid 5:105
Unknown filter "match", hence "ip" is unparsable
A.H
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [LARTC] icmp bandwidth restriction !!
2002-03-06 17:24 [LARTC] icmp bandwidth restriction !! Arindam Haldar
2002-03-07 6:34 ` Arindam Haldar
@ 2002-03-07 7:19 ` Arindam Haldar
1 sibling, 0 replies; 3+ messages in thread
From: Arindam Haldar @ 2002-03-07 7:19 UTC (permalink / raw)
To: lartc
Arindam Haldar wrote:
> eth wrote:
>
>> Arindam Haldar wrote:
>>
>>> i want help in managing icmp traffic. this is what i tried -->
>>> iptables -t mangle -A PREROUTING -d 10.0.0.0/8 -p 1 -j MARK
>>> --set-mark 4001
>>>
>>> tc filter add dev eth4 parent 5:0 match protocol ip 1 prio 2 handle
>>> 4001 fw classid 5:105
>>>
>>> i tried permutaion of >> match protocol ip 1 << but always getting
>>> different errors.
>>> i want to know whats the syntax for tc when i mark packets with
>>> iptables of icmp type !
>>> iptables -nvL PREROUTING -t mangle does shows figures indicating icmp
>>> packets r inded being marked !
>>
>>
>> If only ICMP is the criterion why bother with iptables? Afterwall the
>> u32 filter of tc can match pretty anything in terms of tcp/ip...
>>
>> If I'm not wrong for example
>>
>> tc filter add dev eth1 protocol ip parent 5:0 prio 2 match ip dst
>> 10.0.0.0/8 match ip protocol 1 0xff flowid 5:105
>>
>> ... would create a filter to match all ICMP traffic destined to 10.0.0.0
>>
>
> # tc filter add dev eth4 parent 5:0 protocol ip prio 2 match ip dst
> 10.0.0.0/8 match ip protocol 1 0xff flowid 5:105
> Unknown filter "match", hence "ip" is unparsable
>
> A.H
>
I AM EXTREMLY SORRY !! ... didnt add u32 to the above !.. :-(
thanx 4 ur help !
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2002-03-07 7:19 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-03-06 17:24 [LARTC] icmp bandwidth restriction !! Arindam Haldar
2002-03-07 6:34 ` Arindam Haldar
2002-03-07 7:19 ` Arindam Haldar
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.