Andreas Unterkircher wrote:
Hello list, I'm currently a bit planless so perhaps someone here could point me in the right direction. History: I wrote a shaper web tool (http://shaper.netshadow.at) and have now got several feature requests asking if it would be possible to graph "what's going on" (this means per IP address, tcp/udp ports or protocols) in a specific chain. A chain represents a specific tc-class. Packets get into these chains via tc-filter or iptables MARK. Currently I'm drawing graphs with data got from the dequeuing counters via tc -s class show dev ${IF}. Not the best way - I know - but it was enough until now. Now the question is - is it possible to get direct access to network packets that flow through a specific tc-class? I was thinking about iptables and dumping the MARK-value via libpcap. But I don't think that this will work because the pcap-filter is attached to the device itself before the iptables rules (like the restore-mark) are acting. So I guess libpcap will not see this.
No it won't, but it's not able to use the netfilter mark anyway. One way would be to use the ipt action combined with the ULOG target and send packets to userspace that way.
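The userspace accounting side of the ULOG approach suggested in the reply, as an added example that is not code from either poster: it sums bytes per source address and per protocol/destination port, which is the breakdown the question asks to graph. It assumes each record handed to userspace begins at the IPv4 header and leaves out the netlink receive loop; the function names are hypothetical and the sample packets are constructed.

```python
import socket
import struct
from collections import Counter

PROTO_NAMES = {1: "icmp", 6: "tcp", 17: "udp"}

def parse_ipv4(pkt):
    """Return (src, proto, dport, total_len), or None if the record is malformed."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return None
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or len(pkt) < ihl:
        return None
    total_len, _ident, frag = struct.unpack_from("!HHH", pkt, 2)
    proto = pkt[9]
    dport = None
    # Ports exist only in the first fragment, and only if the copy was not cut short.
    if proto in (6, 17) and (frag & 0x1FFF) == 0 and len(pkt) >= ihl + 4:
        _sport, dport = struct.unpack_from("!HH", pkt, ihl)
    return socket.inet_ntoa(pkt[12:16]), PROTO_NAMES.get(proto, str(proto)), dport, total_len

def account(packets):
    """Sum IP total-length bytes per source address and per (protocol, dest port)."""
    by_src, by_service, skipped = Counter(), Counter(), 0
    for pkt in packets:
        rec = parse_ipv4(pkt)
        if rec is None:
            skipped += 1  # count unparsable records instead of guessing
            continue
        src, proto, dport, length = rec
        by_src[src] += length
        by_service[(proto, dport)] += length
    return by_src, by_service, skipped

def make_sample(src, dst, proto, sport, dport, payload_len):
    """Build a constructed IPv4 packet for the demo (checksum left at 0)."""
    l4 = struct.pack("!HH", sport, dport) + bytes(payload_len)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + l4

# Constructed sample records (documentation address ranges), one of them truncated.
SAMPLES = [
    make_sample("192.0.2.10", "198.51.100.1", 6, 40000, 80, 96),
    make_sample("192.0.2.10", "198.51.100.1", 17, 40001, 53, 36),
    make_sample("192.0.2.11", "198.51.100.1", 6, 40002, 80, 196),
    b"\x45\x00",
]

if __name__ == "__main__":
    print(account(SAMPLES))
```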