|
Hey all, I
recently read on a prior post as well as the FAQ that packets can be limited by
mac address using the u32 filter. I attempted this and, while all the commands
went through with no errors, it is not limiting at all. I’m attempting to
limit all IP traffic to a specific destination mac address (00:12:3f:05:43:7f).
Here is a quick rundown of the commands I’ve used: tc qdisc add dev eth1 root handle 1: prio tc qdisc add dev eth1 parent 1:1 handle 11: pfifo tc qdisc add dev eth1 parent 1:2 handle 12: htb tc class add dev eth1 parent 12: classid 12:10 htb rate
128kbit tc qdisc add dev eth1 parent 12:10 sfq quantum 1514 perturb
15 tc filter add dev eth1 protocol ip parent 12: prio 5 u32
match u16 0x0800 0xFFFF at -2 match u32 0x3f05437f 0xFFFFFF at -12 match u16
0x0012 0xFFFF at -14 flowid 12:10 eth1 is the outgoing interface on a bridge I have setup. When I download a large file through the bridge, it is still
showing 7Mbit on a 10Mbit network. The weird part is, everything limits just
fine if I change the filter to match by IP destination instead of mac address
destination. The only problem with this is that I require it be done by mac
address. The filter by ip I use is: tc filter add dev eth1 protocol ip parent 12: prio 5 u32
match ip dst xxx.xxx.xxx.xxx/32 flowid 12:10 Filtering by destination IP has worked for me for months now
just fine. The only problem is, I’m opening up DHCP to a pool and want to
limit by destination mac address since I can’t be sure what IP someone is
getting without interaction with the dhcp lease file. Does anyone notice
anything I may be doing wrong? Your help would be much appreciated. Thanks. Adam |
_______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
