You should change the prios. The first filter should have a lower prio
number than the second. That means that it is processed first and whatever
is not matched by it is passed on to filters with higher prio number.
> On Wed, 22 Feb 2006 11:43:40 +0200
> "Vaidas" <admin@xxxxxx> wrote:
>
>> With u32 you cannot negate, that's why it is lame...
>
> And why doesn't this work? (I send all port 80 to 1.2.3.4 to class 14
> /before/ I send the rest to classid 13):
>
> $TC filter add dev ${DEV_IFB} parent 1:0 prio 2 protocol ip u32 \
> match ip protocol 0x6 0xff \
> match ip dport 80 0xffff \
> match ip dst 1.2.3.4/32 \
> classid 1:14
>
> $TC filter add dev ${DEV_IFB} parent 1:0 prio 2 protocol ip u32 \
> match ip protocol 0x6 0xff \
> match ip dport 80 0xffff \
> classid 1:13
>
> Any ideas?
>
>> Use iptables for marking packets
>>
>> $TC filter add dev ${DEV_IFB} parent 1:0 prio 2 protocol ip handle 14
>> fw classid 1:14
>>
>> Iptables -t mangle -A PREROUTING -p TCP --dport 80 -d ! 1.2.3.4 -j
>> MARK --set-mark 14
>
> Ok, thnx. That's of course a solution, but I just wondered if this were
> possible with u32...
>
> R.
>
> --
> ___________________________________________________________________
> It is better to remain silent and be thought a fool, than to speak
> aloud and remove all doubt.
>
> +------------------------------------------------------------------+
> | Richard Lucassen, Utrecht |
> | Public key and email address: |
> | http://www.lucassen.org/mail-pubkey.html |
> +------------------------------------------------------------------+
> _______________________________________________
> LARTC mailing list
> LARTC@xxxxxxxxxxxxxxx
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>
--
Anton Glinkov
network administrator
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
