* [LARTC] tc and iptables --set-mark question
@ 2003-07-03 13:12 Joerg Hartmann
2003-07-03 16:30 ` Stef Coene
2003-07-08 19:01 ` Jose Luis Domingo Lopez
0 siblings, 2 replies; 3+ messages in thread
From: Joerg Hartmann @ 2003-07-03 13:12 UTC (permalink / raw)
To: lartc
Hello,
if i mark packets on my firewall with "iptables" and "--set-mark" (lets
say .. with --set-mark 0x12 ..) can someone tell me, WHERE in the
resulting ip packet this data is stored ?
From the examples i have seen, it seems to me that the mark can be as big
as one Byte - is this correct ?
The next question is - is it possible to clear the statistical counters
of "tc -s class .." back to zero ?
thanks and regards
Joerg
--
Jörg Hartmann Tel: +49 391 40 00 125
J.Hartmann@megalearn.de
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [LARTC] tc and iptables --set-mark question
2003-07-03 13:12 [LARTC] tc and iptables --set-mark question Joerg Hartmann
@ 2003-07-03 16:30 ` Stef Coene
2003-07-08 19:01 ` Jose Luis Domingo Lopez
1 sibling, 0 replies; 3+ messages in thread
From: Stef Coene @ 2003-07-03 16:30 UTC (permalink / raw)
To: lartc
On Thursday 03 July 2003 15:12, Joerg Hartmann wrote:
> Hello,
>
> if i mark packets on my firewall with "iptables" and "--set-mark" (lets
> say .. with --set-mark 0x12 ..) can someone tell me, WHERE in the
> resulting ip packet this data is stored ?
It's stored in kernel memory. If the packet leaves the box, the mark is gone;
> From the examples i have seen, it seems to me that the mark can be as big
> as one Byte - is this correct ?
1 byte = 2^8 = 256. I think it can be bigger.
> The next question is - is it possible to clear the statistical counters
> of "tc -s class .." back to zero ?
No.
Stef
--
stef.coene@docum.org
"Using Linux as bandwidth manager"
http://www.docum.org/
#lartc @ irc.oftc.net
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [LARTC] tc and iptables --set-mark question
2003-07-03 13:12 [LARTC] tc and iptables --set-mark question Joerg Hartmann
2003-07-03 16:30 ` Stef Coene
@ 2003-07-08 19:01 ` Jose Luis Domingo Lopez
1 sibling, 0 replies; 3+ messages in thread
From: Jose Luis Domingo Lopez @ 2003-07-08 19:01 UTC (permalink / raw)
To: lartc
On Thursday, 03 July 2003, at 18:30:20 +0200,
Stef Coene wrote:
> > From the examples i have seen, it seems to me that the mark can be as big
> > as one Byte - is this correct ?
> 1 byte = 2^8 = 256. I think it can be bigger.
>
You are correct. If I understand correctly the code in:
/usr/src/linux-2.5.73/include/linux/netfilter_ipv4/ipt_mark.h
marks are "unsigned longs", so at least 2^32 of them should be available.
Hope this helps.
--
Jose Luis Domingo Lopez
Linux Registered User #189436 Debian Linux Sid (Linux 2.5.73)
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2003-07-08 19:01 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-07-03 13:12 [LARTC] tc and iptables --set-mark question Joerg Hartmann
2003-07-03 16:30 ` Stef Coene
2003-07-08 19:01 ` Jose Luis Domingo Lopez
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.