[LARTC] Can we filter VLAN related fileds using U32 filter at Ingress?
Hi, Is there any way I can filter L2 related fields at Ingress using TC U32 filter. I want to filter VLAN, DSAP, SSAP related fields...and further take some packet actions(basically marking the incoming packets) on the basis of it. I do not want to use IPTables/EBTables for the same. You immediate help would be highly appreciated Thanks -- Maverick ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] [ANNOUNCE] iproute2-2.6.24-rc7
This is a preliminary release that includes all the changes for new features in 2.6.24. It should be backward compatible with older kernels. http://devresources.linux-foundation.org/dev/iproute2/download/iproute2-2.6.24-rc7.tar.bz2 Note: This release is for validation (don't put it in your distros), therefore I didn't bother signing it. Changelog since v2.6.23 release (edited). Alexander Wirt (2): Fix various typos and nitpicks Add parameters to usage help text. Andreas Barth (1): Remove bogus reference to tc-filters(8) from tc(8) manpage. Andreas Henriksson (4): Fix corruption when using batch files with comments and broken lines. iproute2: support dotted-quad netmask notation. iproute2: revert syntax help text mistake. iproute2: add synonyms for ip rule options to ip(8) manpage. Denys Fedoryshchenko (1): iptables compatiablity François Delawarde (1): tc mask patch Herbert Xu: Fix typo in tunnel code (o_key vs. i_key). Add NAT action Jesper Dangaard Brouer (3): Overhead calculation is now done in the kernel. Cleanup: tc_calc_rtable(). Change the rate table calc of transmit cost to use upper bound value. Patrick McHardy (1): iproute 2.6.23 incompatibility Pavel Emelyanov (1): iplink_parse() routine Stephen Hemminger 2.6.24-rc3 headers Fix off by one in nested attribute management. Fix dotted quad for bit order veth: use kernel header file snapshot target for makefile veth.h move to linux/ Manual page fixes add decode of match rules Use netinet/tcp.h (with correction) rather than kernel headers add include/netinet/tcp.h Revert "TC action parsing bug fix" Tomas Janousek (1): Correct documentation regarding PROMISC and ALLMULTI. Vitaliy Gusev (2): Fix lost export-dynamic veth device link management YOSHIFUJI Hideaki / 吉藤英明 (1): rto_min value display overflow ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Re: [LARTC] tc doesn't shape correct {SOLVED}
My issue is solved. Andy Furniss has mailed me a new set of rules which are doing exactly what you expect. For the record, here are the rules: /sbin/tc qdisc del dev bond1 root /sbin/tc qdisc add dev bond1 root handle 1: htb /sbin/tc class add dev bond1 parent 1: classid 1:1 htb rate 30mbit /sbin/tc qdisc add dev bond1 parent 1:1 handle 10: pfifo limit 300 /sbin/tc class add dev bond1 parent 1: classid 1:2 htb rate 10mbit /sbin/tc qdisc add dev bond1 parent 1:2 handle 20: pfifo limit 100 /sbin/tc filter add dev bond1 parent 1: protocol ip prio 0 handle 1 fw flowid 1:1 /sbin/tc filter add dev bond1 parent 1: protocol ip prio 0 handle 2 fw flowid 1:2 Thx for helping to fix this! Johan Johan Huysmans wrote: Hi All, I'm configuring my natting-firewall to do some tc shaping. Some traffic has to be shaped on 30mbit, some on 10mbit all the others are unlimited. The configuring and filtering works correctly. The traffic that is shaped at 30mbit is correct, but the traffic that is shapped at 10mbit only gets to 100KB/sec. It is on a device configured with bonding (both in and out interface). Any clue why shaped traffic at 10mbit only gets to 100KB/sec and not faster? Thx for any response, Johan Huysmans ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
