* Andy Furniss <41DCFE27.4030704@xxxxxxxxxxxxx> 2005-01-06 09:00
I retried with a vanilla 2.6.10 + iptables 1.2.11 on a different box and it is the same.
2 options: 1) get latest -bk snapshot and apply http://people.suug.ch/~tgr/patches/pending/ The patchset fixes a lot of small issues, adds action capabilities to all classifiers, and extends tcindex and route classifier to be changeable during runtime. If problem remains, goto to 2.
Could take some time - I don't have bitkeeper and will have to find some disk space. I'll try soon(ish).
2) Provided detailed information about how your police configuration
looks like, wehther you are using CONFIG_NET_CLS_ACT, etc. so I can fix it.
I just tried some variations - but get an error - I am using new tc and get
RTNETLINK answers: Invalid argument We have an error talking to the kernel
with the last 2 - see below.
The only difference between working and not working cases when using tc -s qdisc ls dev eth0 is the drops count. The stats are OK apart from that.
And it is definitely classifier specific to fw?
I don't know what should I test with :-)
tc filter add dev eth0 parent ffff: protocol ip prio 1 u32 match ip src 0.0.0.0/0 police rate 100kbit burst 10k drop flowid :1
Works OK.
tc filter add dev eth0 parent ffff: protocol 6 prio 1 u32 match ip src 0.0.0.0/0 police rate 100kbit burst 10k drop flowid :1
Doesn't work even on 2.4 that fw test works on.
[andy@amd ~]$ grep NET_CLS /boot/config-lfs-5.1-2.4.26 CONFIG_NET_CLS=y CONFIG_NET_CLS_TCINDEX=m CONFIG_NET_CLS_ROUTE4=m CONFIG_NET_CLS_ROUTE=y CONFIG_NET_CLS_FW=m CONFIG_NET_CLS_U32=m CONFIG_NET_CLS_RSVP=m CONFIG_NET_CLS_RSVP6=m CONFIG_NET_CLS_POLICE=y
Is the 2.4 that's OK.
[andy@amd ~]$ grep NET_CLS /boot/config-2.6.10 CONFIG_NET_CLS=y CONFIG_NET_CLS_TCINDEX=m CONFIG_NET_CLS_ROUTE4=m CONFIG_NET_CLS_ROUTE=y CONFIG_NET_CLS_FW=m CONFIG_NET_CLS_U32=m # CONFIG_NET_CLS_IND is not set CONFIG_NET_CLS_RSVP=m CONFIG_NET_CLS_RSVP6=m CONFIG_NET_CLS_ACT=y
Is the fail on fw but work on ip src 0.0.0.0/0
Below are the ones that throw an error when I tc filter add (anything)
tc qdisc add dev eth0 handle ffff: ingress is OK
[andy@amd ~]$ grep NET_CLS /boot/config-2.6.10-2 CONFIG_NET_CLS=y CONFIG_NET_CLS_TCINDEX=m CONFIG_NET_CLS_ROUTE4=m CONFIG_NET_CLS_ROUTE=y CONFIG_NET_CLS_FW=m CONFIG_NET_CLS_U32=m # CONFIG_NET_CLS_IND is not set CONFIG_NET_CLS_RSVP=m CONFIG_NET_CLS_RSVP6=m # CONFIG_NET_CLS_ACT is not set CONFIG_NET_CLS_POLICE=y
[andy@amd ~]$ grep NET_CLS /boot/config-2.6.10-3 CONFIG_NET_CLS=y CONFIG_NET_CLS_TCINDEX=m CONFIG_NET_CLS_ROUTE4=m CONFIG_NET_CLS_ROUTE=y CONFIG_NET_CLS_FW=m CONFIG_NET_CLS_U32=m # CONFIG_NET_CLS_IND is not set CONFIG_NET_CLS_RSVP=m CONFIG_NET_CLS_RSVP6=m CONFIG_NET_CLS_ACT=y CONFIG_NET_CLS_POLICE=y
_______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
