On Wed, Feb 08, 2006 at 07:58:48PM +0200, Imre Gergely wrote:
> at first, there is that default table 800::, where i create these 'hashing
> filters'. if i have 300 of them, how are they processed? if a packet comes in,
> what happens? are they looked up in the same order i created them? like in
> iptables?
Yes, if i understood you correctly.
You can create a hash to match a network (hashkey mask 0x0000ff00), then
match an address (in another hash table). Or even match with hashkey mask
0x000ff000 (or another bits), then... etc. You can cascade them, in other
words.
> then, if say, one filter matched, the more specific filter table is looked up,
> the key being the last octet of the ip address (specified by the mask
> 0x000000ff). it looks up the right entry in the table, and it know in which
> flow (in which class) it should put the packet in. right?
>
> now what if i have to filters? one with, say, a source port of 25 specified,
> the other one with port 80.
Mmm... If I understood you... :-) Sorry, that's my english.
Every hash table cell may contain many filters, they will be processed in
sequence. And if the packet will not match any of them, it'll be dropped
to default class.
>
> these are some 'subquestions' :) the main question is the optimisation of
> course :) i was just wondering how things are done.
--
_,-=._ /|_/|
`-.} `=._,.-=-._., @ @._,
`._ _,-. ) _,.-'
` G.m-"^m`m' Dmytro O. Redchuk
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
