I have a very straight-forward query. Suppose I have the following setup: tcclasses ~~~~~~~~~ be:21 - 300kbps 1mbit 2 be:21:22 - 10kbps:50ms:1500b full 2 [...] be:26 - 50kbps:30ms:1500b 150kbps 2
tcfilters ~~~~~~~~~ be:22 1.1.1.22 - tcp 22 1111 be:26 1.1.1.0/24 When the filrewall file is compiled, this results in the following snippet of code for tc to execute: firewall ~~~~~~~~ tc filter add dev ifb0 protocol ip parent be:0 prio 10 u32\ match ip src 1.1.1.22/32\ match ip protocol 6 0xff\ link 0x001:0 offset at 0 mask 0x0F00 shift 6 plus 0 eat tc filter add dev ifb0 protocol ip parent be:0 prio 10 u32 ht 0x001:0\ match tcp dst 22 0xffff\ match tcp src 1111 0xffff\ flowid be:22 tc filter add dev ifb0 protocol ip parent be:0 prio 10 u32\ match ip src 1.1.1.0/24\ flowid be:26 The question I have is this: what entry would get a priority if I connect from 1.1.1.22, dest port 22 and src port 1111? This will match both entries above and since the priority seems to be the same I don't know what would be matched first. Thanks. ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
