* [LARTC] u32: how to say "all except z.x.y"?
@ 2003-01-20 15:56 ray-nger
2003-01-20 17:47 ` Stef Coene
0 siblings, 1 reply; 2+ messages in thread
From: ray-nger @ 2003-01-20 15:56 UTC (permalink / raw)
To: lartc
Hello lartc,
Q1:
If I want select subhet, I wrote
...u32 match ip dst a.d.r.es/net police ...
How I can say "all except z.x.y" ?
Both src/dest addr/port - I foundn't this info in HOWTO :(((
Q2:
Why I can't (or not allowed) to create more then one class into
!ingress! queue? I know, it's incoming trafic? but why?
it's look simply: (yes, i may be wrong:)
If first incomng packet owerlimit own filtered class - then drop, else
pass...
Why it's hardly then outgoing (drop only!!)?
or, if it's possible - give a sample, please.
Thanks!
--
Best regards,
Ray-Nger mailto:ray-nger@yandex.ru
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [LARTC] u32: how to say "all except z.x.y"?
2003-01-20 15:56 [LARTC] u32: how to say "all except z.x.y"? ray-nger
@ 2003-01-20 17:47 ` Stef Coene
0 siblings, 0 replies; 2+ messages in thread
From: Stef Coene @ 2003-01-20 17:47 UTC (permalink / raw)
To: lartc
On Monday 20 January 2003 16:56, ray-nger wrote:
> Hello lartc,
> Q1:
>
> If I want select subhet, I wrote
> ...u32 match ip dst a.d.r.es/net police ...
> How I can say "all except z.x.y" ?
> Both src/dest addr/port - I foundn't this info in HOWTO :(((
Use 2 filters :
1. all z.x.y to a class
2. all to an other class
so the second filter matches all except x.y.z
> Q2:
> Why I can't (or not allowed) to create more then one class into
> !ingress! queue? I know, it's incoming trafic? but why?
> it's look simply: (yes, i may be wrong:)
> If first incomng packet owerlimit own filtered class - then drop, else
> pass...
>
> Why it's hardly then outgoing (drop only!!)?
> or, if it's possible - give a sample, please.
It's not possible. The ingress qdisc is not a real qdisc. All egress qdiscs
like htb/cbq/sfq are changing the queue of packets that leaves a nic. But
for incoming there is no queue that you can change.
So you can add a ingress qdisc and you can use filters+policers to manage
incoming traffic, but it will not so powerfull as you can with outgoing
packets. You can't delay a packet with the ingress qdisc.
Stef
--
stef.coene@docum.org
"Using Linux as bandwidth manager"
http://www.docum.org/
#lartc @ irc.oftc.net
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2003-01-20 17:47 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-01-20 15:56 [LARTC] u32: how to say "all except z.x.y"? ray-nger
2003-01-20 17:47 ` Stef Coene
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox