Linux Advanced Routing and Traffic Control list
 help / color / mirror / Atom feed
* [LARTC] Re: [Linux Diffserv] ANNOUNCE: tc filter extensions
@ 2003-01-04 18:37 jamal
  2003-01-04 22:17 ` jamal
  0 siblings, 1 reply; 2+ messages in thread
From: jamal @ 2003-01-04 18:37 UTC (permalink / raw)
  To: lartc



Yes, thats is a useful feature.
Should be able to able use the iptables LOG; I am trying to avoid
replicating things which already exist; it is very easy to replicate it.
I'll test iptables LOG sometimes today; if you beat me to it, let me know
if it works.

cheers,
jamal

On Sat, 4 Jan 2003, Ciprian Niculescu wrote:

> hello,
>
> if someone can develop a feature like -j LOG from iptables, for the tc
> filter
>
> for ex i have
>
> tc filter ...... match dport 80 0xffff flowid 1:1
>
> i want to write to syslog the headers of the packets that matched this rule.
>
> C
>
> jamal wrote:
> >
> > I guess holidays means idle time which means idle minds which leads to
> > thumb twiddling which then leads to some work (which is sometimes useful)
> >
> > Ive updated the traffic control patches i posted about six months ago.
> > Note, the current release does not break anything in tc. It is fully
> > backward compatible so you can choose not to use it and things will work
> > as they do today. Of course, it is very useful so you cant choose to
> > ignore it!
> >
> > It's now upgraded to better than "use at your own risk" category.
> > tested on both uni and SMP 2.4.18 and 2.4.20.
> >
> > http://www.cyberus.ca/~hadi/patches/action/
> >
> > Bug reports and feedback are appreaciated.
> > A lot more goodies coming up, so this is just the tip. First steps are to
> > prove sanity of the idea.
> >
> > cheers,
> > jamal
> >
> >
> > -------------------------------------------------------
> > This sf.net email is sponsored by:ThinkGeek
> > Welcome to geek heaven.
> > http://thinkgeek.com/sf
> > _______________________________________________
> > Diffserv-general mailing list
> > Diffserv-general@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/diffserv-general
>
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Diffserv-general mailing list
> Diffserv-general@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/diffserv-general
>
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

^ permalink raw reply	[flat|nested] 2+ messages in thread
* [LARTC] Re: [Linux Diffserv] ANNOUNCE: tc filter extensions
  2003-01-04 18:37 [LARTC] Re: [Linux Diffserv] ANNOUNCE: tc filter extensions jamal
@ 2003-01-04 22:17 ` jamal
  0 siblings, 0 replies; 2+ messages in thread
From: jamal @ 2003-01-04 22:17 UTC (permalink / raw)
  To: lartc


Ok, i tested basic stuff and it works. Not very useful example but
should serve to illustrate things:
Example below will log every packet with src ip 127.1.1.1/32 seen at
ingres of dev lo every time it exceeds its allocated rate. the nfmark
is also set to 2 every time the rate is exceeded.

---------- script -------
#
tc qdisc add dev lo ingress
#
tc filter add dev lo parent ffff: protocol ip prio 1 u32  \
match ip src 127.1.1.1/32 \
action police mtu 5000  rate 2500kbit burst 90k pipe \
action ipt -j LOG --log-prefix "1:20 exceeded 2.5mbps" \
action ipt -j mark --set-mark 2

-----------------------------------------------

Now try to list what we installed

------------------ listing ----------------
jroot# tc filter show parent ffff: dev lo
filter protocol ip pref 1 u32
filter protocol ip pref 1 u32 fh 800: ht divisor 1
filter protocol ip pref 1 u32 fh 800::800 order 2048 key ht 800 bkt 0
flowid 1:20

   action order 1: police 1 action pipe rate 2500Kbit burst 86153b mtu 5000b

   action order 2: tablename: mangle  hook: NF_IP_PRE_ROUTING
        target LOG level warning prefix `1:20 exceded 2.5mbps'  index 1

   action order 3: tablename: mangle  hook: NF_IP_PRE_ROUTING
        target MARK set 0x2  index 2

  match 7f010101/ffffffff at 12

-----------------------------

Of course this is a 5 minute test.

cheers,
jamal

On Sat, 4 Jan 2003, jamal wrote:

>
>
> Yes, thats is a useful feature.
> Should be able to able use the iptables LOG; I am trying to avoid
> replicating things which already exist; it is very easy to replicate it.
> I'll test iptables LOG sometimes today; if you beat me to it, let me know
> if it works.
>
> cheers,
> jamal
>
> On Sat, 4 Jan 2003, Ciprian Niculescu wrote:
>
> > hello,
> >
> > if someone can develop a feature like -j LOG from iptables, for the tc
> > filter
> >
> > for ex i have
> >
> > tc filter ...... match dport 80 0xffff flowid 1:1
> >
> > i want to write to syslog the headers of the packets that matched this rule.
> >
> > C
> >
> > jamal wrote:
> > >
> > > I guess holidays means idle time which means idle minds which leads to
> > > thumb twiddling which then leads to some work (which is sometimes useful)
> > >
> > > Ive updated the traffic control patches i posted about six months ago.
> > > Note, the current release does not break anything in tc. It is fully
> > > backward compatible so you can choose not to use it and things will work
> > > as they do today. Of course, it is very useful so you cant choose to
> > > ignore it!
> > >
> > > It's now upgraded to better than "use at your own risk" category.
> > > tested on both uni and SMP 2.4.18 and 2.4.20.
> > >
> > > http://www.cyberus.ca/~hadi/patches/action/
> > >
> > > Bug reports and feedback are appreaciated.
> > > A lot more goodies coming up, so this is just the tip. First steps are to
> > > prove sanity of the idea.
> > >
> > > cheers,
> > > jamal
> > >
> > >
> > > -------------------------------------------------------
> > > This sf.net email is sponsored by:ThinkGeek
> > > Welcome to geek heaven.
> > > http://thinkgeek.com/sf
> > > _______________________________________________
> > > Diffserv-general mailing list
> > > Diffserv-general@lists.sourceforge.net
> > > https://lists.sourceforge.net/lists/listinfo/diffserv-general
> >
> >
> >
> >
> > -------------------------------------------------------
> > This sf.net email is sponsored by:ThinkGeek
> > Welcome to geek heaven.
> > http://thinkgeek.com/sf
> > _______________________________________________
> > Diffserv-general mailing list
> > Diffserv-general@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/diffserv-general
> >
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Diffserv-general mailing list
> Diffserv-general@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/diffserv-general
>
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2003-01-04 22:17 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-01-04 18:37 [LARTC] Re: [Linux Diffserv] ANNOUNCE: tc filter extensions jamal
2003-01-04 22:17 ` jamal

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox