filter ingress policy based on nfmark

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi all.
Since I move on to 2.6 kernel , filter ingress policy based on nfmark won´t 
work.
Sorry for my english.

Simple example:

iptables  -t mangle -I PREROUTING -j MARK --set-mark 1

${QDISC_ADD} handle ffff: ingress
${FILTER_ADD} parent ffff: protocol ip prio 100 handle 1 fw \
police rate 128Kbit burst 10k drop flowid 2:11

# tc -s -d qdisc ls dev eth0
qdisc ingress ffff: ----------------
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
 rate 0bit 0pps backlog 0b 0p requeues 0

# iptables -t mangle -L -n -v
pkts bytes target     prot opt in     out     source               destination
 1362  293K MARK       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
MARK set 0x1

No problems at 2.4 kernel.

-- 
Best Regards,
Martin Vassilev
NetSurf.net Ltd.
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux