From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andy Furniss Subject: Re: iptables breakage WAS(Re: dummy as IMQ replacement Date: Wed, 23 Mar 2005 19:33:12 +0000 Message-ID: <4241C478.5030309@dsl.pipex.com> References: <1107123123.8021.80.camel@jzny.localdomain> <0fcf01c5077f$579e4b80$6e69690a@RIMAS> <1107174142.8021.121.camel@jzny.localdomain> <00c301c524b4$938cd240$6e69690a@RIMAS> <1110379135.1091.143.camel@jzny.localdomain> <1110416767.1111.76.camel@jzny.localdomain> <025501c52552$2dbf87c0$6e69690a@RIMAS> <1110453757.1108.87.camel@jzny.localdomain> <423B7BCB.10400@dsl.pipex.com> <1111410890.1092.195.camel@jzny.localdomain> <423F41AD.3010902@dsl.pipex.com> <1111444869.1072.51.camel@jzny.localdomain> <423F71C2.8040802@dsl.pipex.com> <1111462263.1109.6.camel@jzny.localdomain> <42408998.5000202@dsl.pipex.com> <1111550254.1089.21.camel@jzny.localdomain> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Harald Welte , Patrick McHardy , Remus , netdev@oss.sgi.com, Nguyen Dinh Nam , Andre Tomt , syrius.ml@no-log.org, Damion de Soto To: hadi@cyberus.ca In-Reply-To: <1111550254.1089.21.camel@jzny.localdomain> Sender: netdev-bounce@oss.sgi.com Errors-to: netdev-bounce@oss.sgi.com List-Id: netdev.vger.kernel.org jamal wrote: > Ok, Andy - I have tested this and should all work. > Can you double check on your side before i push kernel patch to Dave? I > tested on ubuntu distro on an AMD athlon. > Attached tar.gz with necessary patches. I only bothered to do 2 out of 3 > tests. The second one covers the third. iptables libraries at runtime: > 1.3.1 OK rebuilt with those versions and patches. > TEST1: > > Check if ipt works on its own and stats are fixed. > > tc qdisc del dev eth0 ingress > tc qdisc add dev eth0 ingress > > tc filter add dev eth0 parent ffff: protocol ip prio 6 u32 \ > match ip src 10.0.2.24/32 flowid 1:16 \ > action ipt -j TOS --set-tos Maximize-Reliability Yes this works OK > TEST2: > - check if ipt followed by another action works. > - check if mirred works > > tc qdisc del dev eth0 ingress > tc qdisc add dev eth0 ingress > > tc filter add dev eth0 parent ffff: protocol ip prio 6 \ > u32 match ip src 10.0.2.24/32 flowid 1:16 \ > action ipt -j TOS --set-tos Maximize-Reliability \ > action mirred egress redirect dev lo Also works OK > bantu:~# tc -s filter ls dev eth0 parent ffff: didn't get bash prompt back after doing this till but works and looks OK. Works if I direct to dummy0 aswell :-) The thing that still fails is trying to use MARK - but I guess that's not to do with mirred as I don't get any mention of it anymore. [root@amd /home/andy/Qos]# tc qdisc del dev eth0 ingress RTNETLINK answers: No such file or directory [root@amd /home/andy/Qos]# tc qdisc add dev eth0 ingress [root@amd /home/andy/Qos]# tc filter add dev eth0 parent ffff: protocol ip prio 6 \ > u32 match ip src 10.0.2.24/32 flowid 1:16 \ > action ipt -j MARK --set-mark 1 tablename: mangle hook: NF_IP_PRE_ROUTING target: MARK set 0x1 index 0 RTNETLINK answers: Invalid argument We have an error talking to the kernel I get exactly the same error if I also add action mirred egress redirect dev lo - before I would get different. Andy.