LARTC
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[LARTC] incoming traffic + iptable

from [mohican 542003] [Permanent Link][Original]
To: lartc@mailman.ds9a.nl
Subject: [LARTC] incoming traffic + iptable
From: "mohican 542003" <thelastmohican54@gmail.com>
Date: Wed, 28 Feb 2007 15:39:54 +0100
Delivered-to: sp-com-lists@consult.net
Delivered-to: lartc-list@securepoint.com
Delivered-to: lartc@outpost.ds9a.nl
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type; b=Qyyjxvpj7B6LDBqnGEJ92Wa1wlqsM7b2Ip+kHOxFx61CkVhrKs7S67FYMkIVVdUG8Yi/xB2cM/Pmi2mrxqUfHs8v3/gnLhUma8dikYDUfb2lpYOsb2WETKw0wfUkpcEekMv5s0mJoupOo1ovFJDBIcOy79GwrHzFpA+oj8uwIlM=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type; b=ppEkJmtVaH2YaSZChrjY7THAp4gk8gE5es02Jnemo5DawOEMb+6ObN09CH2vqVU5B+HqU4aHVv5I1cp98uRZixl+9BvePWuZ6vYftfCkdVgA7IHO3Ty3YHbjwseBRDZjpBLPMV07umrDf13VIFUNVmxg6OUdfyeBGvI6WGW2pKw=
List-archive: <http://mailman.ds9a.nl/pipermail/lartc>
List-help: <mailto:lartc-request@mailman.ds9a.nl?subject=help>
List-id: "Mailinglist of the Linux Advanced Routing &amp; Traffic Control project" <lartc.mailman.ds9a.nl>
List-post: <mailto:lartc@mailman.ds9a.nl>
List-subscribe: <http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc>, <mailto:lartc-request@mailman.ds9a.nl?subject=subscribe>
List-unsubscribe: <http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc>, <mailto:lartc-request@mailman.ds9a.nl?subject=unsubscribe>
Sender: lartc-bounces@mailman.ds9a.nl
Hello,

i try to use iptables to mark packet and then to filter them with tc. Here is my script:
  iptables -t mangle -A PREROUTING -s 172.28.54.41/32 -p tcp -j MARK --set-mark 1
  tc qdisc add dev eth0 handle ffff: ingress
  tc filter add dev eth0 parent ffff: protocol ip prio 1 handle 1 fw police rate 10000kbit burst 10000kbit mtu 1500k drop flowid :1

I can not use u32 because i have several filter with more than one IP address in each.

Packets seem to be well marked (command:  iptables -t mangle -L -vnx)
but packets are not filtered with tc.

Can someone help me ?

Thanks,

Olivier.
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [LARTC] incoming traffic + iptable, mohican 542003 <=
Previous by Date:  [LARTC] Xen and tc problems, Padala, Pradeep
Next by Date:  [LARTC] Data rate with HTB, Sandrine . MASSON
Previous by Thread:  [LARTC] Xen and tc problems, Padala, Pradeep
Next by Thread:  [LARTC] Data rate with HTB, Sandrine . MASSON
Indexes:  [Date] [Thread] [Top] [All Lists]