Arindam Haldar wrote: > eth wrote: > >> Arindam Haldar wrote: >> >>> i want help in managing icmp traffic. this is what i tried --> >>> iptables -t mangle -A PREROUTING -d 10.0.0.0/8 -p 1 -j MARK >>> --set-mark 4001 >>> >>> tc filter add dev eth4 parent 5:0 match protocol ip 1 prio 2 handle >>> 4001 fw classid 5:105 >>> >>> i tried permutaion of >> match protocol ip 1 << but always getting >>> different errors. >>> i want to know whats the syntax for tc when i mark packets with >>> iptables of icmp type ! >>> iptables -nvL PREROUTING -t mangle does shows figures indicating icmp >>> packets r inded being marked ! >> >> >> If only ICMP is the criterion why bother with iptables? Afterwall the >> u32 filter of tc can match pretty anything in terms of tcp/ip... >> >> If I'm not wrong for example >> >> tc filter add dev eth1 protocol ip parent 5:0 prio 2 match ip dst >> 10.0.0.0/8 match ip protocol 1 0xff flowid 5:105 >> >> ... would create a filter to match all ICMP traffic destined to 10.0.0.0 >> > > # tc filter add dev eth4 parent 5:0 protocol ip prio 2 match ip dst > 10.0.0.0/8 match ip protocol 1 0xff flowid 5:105 > Unknown filter "match", hence "ip" is unparsable > > A.H > I AM EXTREMLY SORRY !! ... didnt add u32 to the above !.. :-( thanx 4 ur help !
