Good suggestion to use ulog for this. So I could dump the exactly
traffic which would run through a class (CLASSIFY)
to analyze and extract the necessary data to draw the graphs. So I do
not have to parse my class (IP or MAC) out of a
full tcpdump stream.
Sadly not possible with tc-filter. But perhaps I could do this for tc
with Vincent Perrier's sch_spy module.
Cheers,
Andreas
Patrick McHardy schrieb:
Andreas Unterkircher wrote:
Hello list,
I'm currently a bit planless so perhaps someone here could give me a
point in
the right direction.
History: I wrote a shaper web tool (http://shaper.netshadow.at) and
now got
several feature requests if it would be possible to graph "what's
going on"
(this mean per IP address, tcp/udp ports or protocols) in a specific
chain. A
chain represents a specific tc-class. Packets get into this chains via
tc-filter or iptables MARK.
Currently I'm drawing graphs with data got from the dequeuing
counters via tc
-s class show dev ${IF}. Not the best way - I know - but it was
enough till
yet.
Now the question is - is it possible to get direct access to network
packets
that flow through a specifc tc-class?
I was thinking about iptables and dumping the MARK-value via libpcap.
But I
don't think that this will work because the pcap-filter is attached
to the
device itself before the iptables rules (like the restore-mark) are
acting. So
I guess libpcap will not see this.
No it won't, but its not able to use the netfilter mark anyway. One way
would be to use the ipt action combined with the ULOG target and send
packets to userspace that way.
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
