On Saturday 26 April 2003 06:50, Paul Evans wrote:
> Hi Stef,
>
> On April 25, 2003 13:53 pm, Stef Coene wrote:
> > You can only solve that problem with the fw filter. But you can use the
> > fw filter in a special way. If you add 1 fw filter with no options, the
> > mark is used to classify the packets. So if you have a packet with mark
> > 10, it will placed in class x:10. So you only have the 500 iptables
> > rules and only 1 filter rule.
>
> You mean instead of a zillion of these:
> $tc filter add dev $extif parent 1:0 protocol ip handle $var fw flowid
> 1:$var
>
> It's just one of:
> $tc filter add dev $extif parent 1:0 protocol ip fw
> ?
>
> I see it doesn't error, but I haven't tried it on the real thing yet.
It works. If you add that filter, packets with mark 11 will end in class
1:11. Actually you use a bery fast hash key so you don't need to check all
the filters.
But be aware. Mark and classid is in hex. So somtimes 10 is translated in to
A. So it's better to specify 0x10 for the mark so you are sure it's in hex.
> Also, could I then add further filters *with* options and would they be
> honored? It'd be very cool if so.
Yes. You can iuse the fw filter to put the packets in a class. And you can
add extra filters to that class to classify the packets in sub classes :
1:0
1:1
1:10
1:11
$tc filter add dev $extif parent 1:0 protocol ip handle $var fw
$tc filter add dev $extif parent 1:10 blabla flowid 1:10
$tc filter add dev $extif parent 1:11 blabla flowid 1:11
> I totally missed that info. Time to revisit ahu's doc I guess; I didn't see
> it on your site.
I know it can be done, but I never checked it my self. So if it works, let me
know :) And if it works, I create an extra fas and update the howto.
Stef
--
stef.coene@xxxxxxxxx
"Using Linux as bandwidth manager"
http://www.docum.org/
#lartc @ irc.oftc.net
