How to find out packet latency?

Linux Netfilter discussions
 help / color / mirror / Atom feed

* How to find out packet latency?
@ 2006-10-09 14:51 Mohammad Farooq
  2006-10-09 15:13 ` How to find the chain which calls the match aoliva
  0 siblings, 1 reply; 6+ messages in thread
From: Mohammad Farooq @ 2006-10-09 14:51 UTC (permalink / raw)
  To: netfilter

Hi all,

I am using linux box as router. Every ip packet which enters the box is
forwarded to some ip address. I have iptables rules which performs this
task. My question is how can I find out the duration ip packet took to
go out of the box. Basically I need time difference when the packet
entered the box and the time it left the box. I want to monitor the
latency. If it crosses some threshold value, I may have to notify. Since
the packets are switched at the kernel level, I am not sure how to get
this information. I would appreciate if someone can point me to the
right direction. Thanks in advance.

MF 

^ permalink raw reply	[flat|nested] 6+ messages in thread

* How to find the chain which calls the match
  2006-10-09 14:51 How to find out packet latency? Mohammad Farooq
@ 2006-10-09 15:13 ` aoliva
  2006-10-09 15:20   ` aoliva
  0 siblings, 1 reply; 6+ messages in thread
From: aoliva @ 2006-10-09 15:13 UTC (permalink / raw)
  Cc: netfilter

Hi all, I am writing a match for iptables and I would like it to have a 
different behaviour when it is called from different chains (e.g. 
different behaviour when called from INPUT than OUTPUT) anyone knows how 
to check in the match which is the chain that is calling it?

Thanks in advance.

Antonio de la Oliva

^ permalink raw reply	[flat|nested] 6+ messages in thread

* How to find the chain which calls the match
  2006-10-09 15:13 ` How to find the chain which calls the match aoliva
@ 2006-10-09 15:20   ` aoliva
  2006-10-09 15:58     ` Gáspár Lajos
  2006-10-10  9:24     ` Pascal Hambourg
  0 siblings, 2 replies; 6+ messages in thread
From: aoliva @ 2006-10-09 15:20 UTC (permalink / raw)
  Cc: netfilter

Sorry if you receives multiple copies,

Hi all, I am writing a match for iptables and I would like it to have a 
different behaviour when it is called from different chains (e.g. 
different behaviour when called from INPUT than OUTPUT) anyone knows how 
to check in the match which is the chain that is calling it?

Thanks in advance.

Antonio de la Oliva

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: How to find the chain which calls the match
  2006-10-09 15:20   ` aoliva
@ 2006-10-09 15:58     ` Gáspár Lajos
  2006-10-09 16:53       ` aoliva
  2006-10-10  9:24     ` Pascal Hambourg
  1 sibling, 1 reply; 6+ messages in thread
From: Gáspár Lajos @ 2006-10-09 15:58 UTC (permalink / raw)
  To: aoliva; +Cc: netfilter

aoliva írta:
> Sorry if you receives multiple copies,
>
> Hi all, I am writing a match for iptables and I would like it to have 
> a different behaviour when it is called from different chains (e.g. 
> different behaviour when called from INPUT than OUTPUT) anyone knows 
> how to check in the match which is the chain that is calling it?
>
> Thanks in advance.
>
> Antonio de la Oliva
>

I DO NOT THINK THAT IT IS A GOOD IDEA OF USING IPTABLES THIS WAY,
but anyway try this:

iptables -A INPUT -j MARK --set-mark 1
iptables -A INPUT -j mychain

iptables -A OUTPUT -j MARK --set-mark 2
iptables -A OUTPUT -j mychain

iptables -A FORWARD -j MARK --set-mark 3
iptables -A FORWARD -j mychain

iptables -A mybehaviour1 -j DROP

iptables -A mychain -j mybehaviour1 -m mark --mark 1 //INPUT
iptables -A mychain -j mybehaviour2 -m mark --mark 2 //OUTPUT
iptables -A mychain -j mybehaviour3 -m mark --mark 3 //FORWARD



Swifty


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: How to find the chain which calls the match
  2006-10-09 15:58     ` Gáspár Lajos
@ 2006-10-09 16:53       ` aoliva
  0 siblings, 0 replies; 6+ messages in thread
From: aoliva @ 2006-10-09 16:53 UTC (permalink / raw)
  To: Gáspár Lajos; +Cc: netfilter

Thank you very much for the answer but I think this is not what I was 
trying. I mean how to know which is the calling chain from inside the 
code of the matching function.

Thank you very much for the help.

Regards
Antonio de la Oliva

Gáspár Lajos wrote:
> aoliva írta:
>> Sorry if you receives multiple copies,
>>
>> Hi all, I am writing a match for iptables and I would like it to have 
>> a different behaviour when it is called from different chains (e.g. 
>> different behaviour when called from INPUT than OUTPUT) anyone knows 
>> how to check in the match which is the chain that is calling it?
>>
>> Thanks in advance.
>>
>> Antonio de la Oliva
>>
>
> I DO NOT THINK THAT IT IS A GOOD IDEA OF USING IPTABLES THIS WAY,
> but anyway try this:
>
> iptables -A INPUT -j MARK --set-mark 1
> iptables -A INPUT -j mychain
>
> iptables -A OUTPUT -j MARK --set-mark 2
> iptables -A OUTPUT -j mychain
>
> iptables -A FORWARD -j MARK --set-mark 3
> iptables -A FORWARD -j mychain
>
> iptables -A mybehaviour1 -j DROP
>
> iptables -A mychain -j mybehaviour1 -m mark --mark 1 //INPUT
> iptables -A mychain -j mybehaviour2 -m mark --mark 2 //OUTPUT
> iptables -A mychain -j mybehaviour3 -m mark --mark 3 //FORWARD
>
>
>
> Swifty
>



^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: How to find the chain which calls the match
  2006-10-09 15:20   ` aoliva
  2006-10-09 15:58     ` Gáspár Lajos
@ 2006-10-10  9:24     ` Pascal Hambourg
  1 sibling, 0 replies; 6+ messages in thread
From: Pascal Hambourg @ 2006-10-10  9:24 UTC (permalink / raw)
  To: netfilter

Hello,

aoliva a écrit :
> 
> Hi all, I am writing a match for iptables and I would like it to have a 
> different behaviour when it is called from different chains (e.g. 
> different behaviour when called from INPUT than OUTPUT) anyone knows how 
> to check in the match which is the chain that is calling it?

I do not have the answer to your question, but you could watch the code 
of the NETMAP target which does destination NAT in the PREROUTING chain 
and source NAT in the POSTROUTING chain. By the way, how does it behave 
in the OUTPUT chain ?


^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2006-10-10  9:24 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-10-09 14:51 How to find out packet latency? Mohammad Farooq
2006-10-09 15:13 ` How to find the chain which calls the match aoliva
2006-10-09 15:20   ` aoliva
2006-10-09 15:58     ` Gáspár Lajos
2006-10-09 16:53       ` aoliva
2006-10-10  9:24     ` Pascal Hambourg

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox