Re: Strange behavior deleting filters

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi;

no clue :-(
May I ask why you are using "handle" and not "parent" since HTB is used?
And what eventually are the differences?

Lars


> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Lars,
>
> I knew that (I use this form, but with handle, it doesn't work), but if what you
> said is truth, the folowing command would have work:
>
> tc filter del dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip
> src 10.10.10.10 flowid 1:12
> RTNETLINK answers: No such file or directory
>
> |>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip
> src 10.10.10.11 flowid 1:12
>
> What you thing about that ?
>
> Telles
>
> Lars Landmark wrote:
> |
> | Hi Rodrigo;
> |
> | When you add a new filter rule, you write "tc filter add .....".  If you
> | now substitute add with del, you are able to delete the right filter
> | without any other filters being deleted.
> |
> | Hope this helps.
> |
> | Lars
> |
> |
> | On Thu, 8 Jan 2004, Rodrigo P. Telles wrote:
> |
> |
> |>-----BEGIN PGP SIGNED MESSAGE-----
> |>Hash: SHA1
> |>
> |>Patrick,
> |>
> |>Based in your explanation, I tried that:
> |>
> |># adding root qdisc, class and filters
> |>tc qdisc add dev eth0 root handle 1: htb
> |>tc class add dev eth0 parent 1: classid 1:10 htb rate 768Kbit
> |>tc class add dev eth0 parent 1:1 classid 1:11 htb rate 512Kbit
> |>tc class add dev eth0 parent 1:1 classid 1:12 htb rate 256Kbit
> |>
> |>tc qdisc add dev eth0 parent 1:11 handle 11: sfq
> |>tc qdisc add dev eth0 parent 1:12 handle 12: sfq
> |>
> |>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::11 u32 match ip
> |>src 10.10.10.10 flowid 1:11
> |>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip
> |>src 10.10.10.11 flowid 1:12
> |>
> |># tc filter show dev eth0
> |>filter parent 1: protocol ip pref 1 u32
> |>filter parent 1: protocol ip pref 1 u32 fh 800: ht divisor 1
> |>filter parent 1: protocol ip pref 1 u32 fh 800::11 order 17 key ht 800 bkt 0
> |>flowid 1:11
> |>~  match 0a0a0a0a/ffffffff at 12
> |>filter parent 1: protocol ip pref 1 u32 fh 800::12 order 18 key ht 800 bkt 0
> |>flowid 1:12
> |>~  match 0a0a0a0b/ffffffff at 12
> |>
> |># deleting a rule
> |>tc filter del dev eth0 parent 1:0 protocol ip prio 1 handle ::12
> |>Must specify filter type when using "handle"
> |>
> |>Humm, I got back to LARTC Howto, but I can't found anything about "filter type" !
> |>
> |>What's wrong ?
> |>
> |>Telles
> |>
> |>
> |>Patrick McHardy wrote:
> |>| Andre Correa wrote:
> |>|
> |>|>
> |>|> Patrick, tks for the info but I'm sure I got your idea.
> |>|>
> |>|> A filter handle is something like: "804::800" right?
> |>|
> |>|
> |>| Not exactly. How handles are handled depends on the classifier,
> |>| fw classifier for example uses its own handle to match the nfmark,
> |>| route creates handles of its own and errors if the handle supplied
> |>| from userspace differs.
> |>|
> |>| Maybe a example clears things up:
> |>| <add filters>
> |>| tc filter add dev lo protocol ip parent 1: pref 1 route from 4 flowid 1:100
> |>| tc filter add dev lo protocol ip parent 1: pref 1 route from 5 flowid 1:200
> |>| tc filter add dev lo protocol ip parent 1: pref 1 route from 6 flowid 1:300
> |>| tc filter add dev lo protocol ip parent 1: pref 1 route from 7 flowid 1:400
> |>| tc filter add dev lo protocol ip parent 1: pref 1 route from 8 flowid 1:500
> |>|
> |>| <show filters>
> |>| filter protocol ip pref 1 route
> |>| filter protocol ip pref 1 route fh 0x00048000 flowid 1:100 from 4
> |>| filter protocol ip pref 1 route fh 0x00058000 flowid 1:200 from 5
> |>| filter protocol ip pref 1 route fh 0x00068000 flowid 1:300 from 6
> |>| filter protocol ip pref 1 route fh 0x00078000 flowid 1:400 from 7
> |>| filter protocol ip pref 1 route fh 0x00088000 flowid 1:500 from 8
> |>|
> |>| As you can see the route classifier uses realm | 0x8000.
> |>|
> |>| <delete filters>
> |>| tc filter del dev lo pref 1 handle 0x00048000 route
> |>| tc filter del dev lo pref 1 handle 0x00058000 route
> |>| tc filter del dev lo pref 1 handle 0x00068000 route
> |>| tc filter del dev lo pref 1 handle 0x00078000 route
> |>| tc filter del dev lo pref 1 handle 0x00088000 route
> |>|
> |>| <show filters again>
> |>| filter protocol ip pref 1 route
> |>|
> |>| Only the container of the single filters is left. To destroy it, delete by
> |>| priority: "tc filter del dev lo pref 1".
> |>|
> |>| Hope that helps.
> |>|
> |>| Patrick
> |>|
> |>|
> |>|> I've tried this (supose classes 1:1 and 1:2 exist):
> |>|>
> |>|> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::10 u32
> |>|> match ip src 10.10.10.10 flowid 1:1
> |>|> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::11 u32
> |>|> match ip src 10.10.10.11 flowid 1:2
> |>|>
> |>|> and then:
> |>|>
> |>|> tc filter del dev eth1 parent 1: protocol ip prio 1 handle ::11
> |>|>
> |>|> but both filter are deleted...
> |>|>
> |>|> Am I missing something?
> |>|>
> |>|> tks a lot...
> |>|>
> |>|> Andre
> |>|>
> |>|
> |>|
> |>| _______________________________________________
> |>| LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
> |>| http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
> |>|
> |>|
> |>
> |>- --
> |>- ------------------------------------------------------
> |>Rodrigo P. Telles <telles@xxxxxxxxxxxxxxx>
> |>Gerente de Projetos - http://www.devel-it.com.br
> |>Devel-IT - Uma empresa do Grupo TDKOM
> |>- ------------------------------------------------------
> |>-----BEGIN PGP SIGNATURE-----
> |>Version: GnuPG v1.0.7 (GNU/Linux)
> |>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> |>
> |>iD8DBQE//eiViLK8unYgEMQRAv1PAJ96witXRlYUwPW5fqDySWURu3VLcQCdGrx3
> |>Ly6eZtiaSTtrWMrpPm9MxnQ=
> |>=rhE2
> |>-----END PGP SIGNATURE-----
> |>
> |>_______________________________________________
> |>LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
> |>http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
> |>
> |
> |
> |
>
> - --
> - ------------------------------------------------------
> Rodrigo P. Telles <telles@xxxxxxxxxxxxxxx>
> Gerente de Projetos - http://www.devel-it.com.br
> Devel-IT - Uma empresa do Grupo TDKOM
> - ------------------------------------------------------
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.7 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQE//oZRiLK8unYgEMQRArqRAJwN4Ho/a7sQHVQAejb32iIdNbKYqACdG7kI
> C+1AYYFiTKvXabVcluSnR6E=
> =C9Xe
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>
_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux