Dear all,
I have big question in my mind about tc filter sintax. If I give tc -s -d
filter sh dev eth0 command, then the output is like below :
filter parent 1: protocol ip pref 1 u32
filter parent 1: protocol ip pref 1 u32 fh 800: ht divisor 1
filter parent 1: protocol ip pref 1 u32 fh
В сообщении от Sunday 28 October 2007 20:48:13 Daniel написал(а):
Dear all,
I have big question in my mind about tc filter sintax. If I give tc -s
-d filter sh dev eth0 command, then the output is like below :
filter parent 1: protocol ip pref 1 u32
filter parent 1: protocol ip pref 1 u32
Hi Daniel.
Daniel wrote:
Dear all,
I have big question in my mind about tc filter sintax. If I give tc -s -d
filter sh dev eth0 command, then the output is like below :
filter parent 1: protocol ip pref 1 u32
filter parent 1: protocol ip pref 1 u32 fh 800: ht divisor 1
filter parent 1:
Daniel wrote:
My question is :
1. What is fh 800: and fh 800::800 mean ?
2. How I change the value 800 in fh 800::800 ? I'm guessing this is
default value and I need to change that because my filter rule can be more
than 0xfff line.
Also check
Didn't got it! Why do you think you can't have all in one machine?
No I want them separate. The spaher is in one machine and the firewall
is on the second machine.
When I spoke about filtering I ment the classification rules and not the
netfilter.
You can have your FW *and* traffic control
Well so far I've used tc with htb with success, installed on a machine
with two ethernet interfaces acting as a bridge. On eth0 I applied the
ougoing policy and on eth1 the incomming.
My users ussualy they use lot of protocols ( IRC, KAZAA and many more )
the IRC protocol by itself is from port
On Mon, 30 Jun 2003 17:42:18 +0300
ÓôáìÜôçò ÊåêÝò [EMAIL PROTECTED] wrote:
My problem is on how to make a filter to accept sport 6667-7000. I've
searched but I didn't found anything usefull in the list archives.
Is there any way to do that or I have to make one filter per port ?
You can use
On Mon, 30 Jun 2003 18:05:07 +0300
? [EMAIL PROTECTED] wrote:
You can use iptables (for example) to mark the packets in the range
of ports you want and issue one filter for this mark
Thanks for the answer.
Well I thought that solution but I want to have all the filtering
Hello.
I tried this:
$ ./tc qdisc add dev ppp0 root handle 1:0 htb default 12
$ ./tc class add dev ppp0 parent 1:0 classid 1:1 htb rate 125kbit ceil 125kbit
$ ./tc class add dev ppp0 parent 1:1 classid 1:10 htb rate 10kbit ceil 125kbit
prio 0
$ iptables -j MARK --set-mark 11
$ ./tc
On 14-02-2003 at 11:19:10AM +0100, [EMAIL PROTECTED] wrote:
Hello.
I tried this:
$ ./tc qdisc add dev ppp0 root handle 1:0 htb default 12
$ ./tc class add dev ppp0 parent 1:0 classid 1:1 htb rate 125kbit ceil 125kbit
$ ./tc class add dev ppp0 parent 1:1 classid 1:10 htb rate 10kbit ceil
Hello Bartek,
Thanks a lot!
Philipp
Do I need some other kernel module?
Recompile Your kernel with option CONFIG_NET_CLS_FW.
Networking options ---QoS and/or fair queueing ---Firewall based
classifier
Rgds,
Bartek.
___
LARTC mailing list
11 matches
Mail list logo