Finaly I tried to filter port > 32768 (bit 15=1 : 0x8000) with : tc filter add dev eth0 parent 10;10 protocol ip prio 100 u32 match ip sport 0x8000 0x8000 flowid 10:100 It seems to work fine, but I need to do more tests. Nikolai Vladychevski wrote: > Franck BALAZOT wrote: > > > > Hi all, > > > > I saw that the u32 selector can match a PATTERN so I can use it to > > filter on a port value like : > > > > tc filter add dev eth0 parent 10;10 protocol ip prio 100 u32 match ip > > sport 0x0014 0xffff flowid 10:100 > > > > (filter on the ftp-data (20) source port) > > > > But is there a method to filter all the source ports > 40000 for example > > ? > > > > 40,000 into HEX will be 0x9c40 > converting into binary it will be 1001110001000000 > > you have to use the mask to match only the highest 10 bits, so in binary > it will be 1111111111000000 wich in HEX will be 0x03ff , that's your > mask. > > finaly it will be: > tc filter add dev eth0 parent 10;10 protocol ip prio 100 u32 match ip > sport 0x0000 0x03ff flowid 10:100 > > well, but that's the theory, i never tried it, can you test it and reply > me back if it did work or not? > > thanks > nikolai -- ------------------------------------------------ Franck BALAZOT (fbalazot@xxxxxxx) AETA.COM 361, Avenue du Général De Gaulle 92140 CLAMART FRANCE Tél:01.41.36.12.93 ------------------------------------------------
