From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Gilles Douillet" <groopy@chello.be>
Date: Sun, 05 Jan 2003 23:49:54 +0000
Subject: [LARTC] U32 filter for IPSEC (ESP)
Message-Id: <marc-lartc-104180993325505@msgid-missing>
List-Id: <lartc.vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org


Hi all,

After reading a lot and searching on the INternet, I want to filter ASP
and/or AH traffic

According to /etc/protocols ESP and AH are IP protos 50 and 51

so this u32 filter should work ? (I can use fw filter because the
firewall/VPN can't mark pakets :-(

tc filter add dev ethX parent X:0 protocol ip prio X u32 match ip protocol
50 0xff flowid X:XX ?

Can someone confirm this ?

Many thanks

G.



_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/