Hi,
I am trying to understand the role of 'mask' following fwmark, in the
output of command
"ip -4 rule list"
Can somebody please explain the meaning of line below in RPDB output on
android device.
13000: from all fwmark 0x101f6/0x1ffff lookup rmnet_data1
My understanding is if a packet is marked with some packet mark <12345678>,
That mark is compared against firewall mark 0x101f6/0x1ffff . If it is a
match, then routing lookup proceeds to table rmnet_data1.
Q1) What is the role of 0x101f6/0x1ffff ?
I have studied http://ipset.netfilter.org/iptables-extensions.man.html
This says that iptables MARK target
--set-mark value[/mask] Zeroes out the bits given by mask and ORs value
into the packet mark. If mask is omitted, 0xFFFFFFFF is assumed.
To be precise, (packetmark&~mask)|value is the value placed as new
packet mark using the iptables MARK target.
What is the equation for fwmark value/mask in ip rule selector command ?
Q2) How is value/mask used in context of fwmark match in RPDB ?
Complete output of "ip -4 rule list" on my android device running android M
is below
0: from all lookup local
10000: from all fwmark 0x0/0x10000 lookup legacy_system
10000: from all fwmark 0xc0000/0xd0000 lookup legacy_system
10500: from all oif dummy0 uidrange 0-0 lookup dummy0
10500: from all oif rmnet_data1 uidrange 0-0 lookup rmnet_data1
13000: from all fwmark 0x10063/0x1ffff lookup local_network
13000: from all fwmark 0x101f6/0x1ffff lookup rmnet_data1
14000: from all oif dummy0 lookup dummy0
14000: from all oif rmnet_data1 lookup rmnet_data1
15000: from all fwmark 0x0/0x10000 lookup legacy_system
16000: from all fwmark 0x0/0x10000 lookup legacy_network
17000: from all fwmark 0x0/0x10000 lookup local_network
19000: from all fwmark 0x1f6/0x1ffff lookup rmnet_data1
22000: from all fwmark 0x0/0xffff lookup rmnet_data1
23000: from all fwmark 0x0/0xffff uidrange 0-0 lookup main
32000: from all unreachable
--
--
unsubscribe: [email protected]
website: http://groups.google.com/group/android-kernel
---
You received this message because you are subscribed to the Google Groups
"Android Linux Kernel Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
