From: johan@pinguind.co.id
To: lartc@vger.kernel.org
Subject: [LARTC] need suggest for tc..fw
Date: Mon, 23 Apr 2001 19:06:48 +0000 [thread overview]
Message-ID: <marc-lartc-98805280817818@msgid-missing> (raw)
Dear all...
I got problem when define this rule
I had define class like this
#tc qdisc show dev eth0
qdisc tbf 8003: rate 128Kbit burst 10Kb lat 381.5ms
qdisc cbq 1: rate 10Mbit (bounded,isolated) prio no-transmit
#tc class show dev eth0
class cbq 1: root rate 10Mbit (bounded,isolated) prio no-transmit
class cbq 1:1 parent 1: rate 10Mbit prio no-transmit
class cbq 1:1234 parent 1:1 leaf 8003: rate 128Kbit (bounded,isolated) prio
5
#tc filter show dev eth0
filter parent 1: protocol ip pref 100 u32
filter parent 1: protocol ip pref 100 u32 fh 800: ht divisor 1
filter parent 1: protocol ip pref 100 u32 fh 800::800 order 2048 key ht 800
bkt 0 flowid 1:1234
match 00140000/ffff0000 at 20
This configuration my iptables,
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
MARK tcp -- anywhere anywhere state RELATED
tcp dpt:ftp MARK set 0x1
MARK tcp -- anywhere anywhere state RELATED
tcp spt:ftp MARK set 0x1
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
So, I want to limit passive ftp traffic.
1. Tag every packet that RELATED to ftp (RELATED here, I mean refer to
passive ftp).
2. Define filter
But when I define tc with fwmark value based, I got error..
I define like this
# tc filter add dev eth0 parent 1: protocol ip pref 100 handle 1 fw classid
1:1234
and I got error like this
RTNETLINK answers: Invalid argument
Why ?, any suggest ?
Thanks in Advance
Johan
--
-\x1e'-
(o o)
---------ooO--(_)--Ooo-------------------------------------------------
( )/ \( )( ) ( ) ( \( ) Visit us at http://www.pinguind.co.id
__)(( () ))__( /__\ ) ( Feel free to contact me at ICQ #47240718
(___/ \__/(_)(_)(_)(_)(_)\_) email:johan@pinguind.co.id
-----------------------------------------------------------------------
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
next reply other threads:[~2001-04-23 19:06 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-04-23 19:06 johan [this message]
2001-04-26 6:06 ` [LARTC] need suggest for tc..fw Stef Coene
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-98805280817818@msgid-missing \
--to=johan@pinguind.co.id \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.