u32 and iptables do not work together

Linux Advanced Routing and Traffic Control

Hello all,

I am trying to add a filter to my QoS rules and I found that when I try to use u32 filters together with fwmark filters, they do not work together. This is the filter I use, just an example, for u32:

$TC filter add dev $DL parent 1:0 protocol ip prio 1 u32 match ip sport 22 0xffff flowid 1:10

This is working fine. Now if I try to mark a packet that I want to go to the same class (1:10), I get an error:

$IPT -t mangle -A PREROUTING -s 200.163.208.4 -j MARK --set-mark 10

Then I tried to make the filter for this:

$TC filter add dev $DL parent 1:0 protocol ip prio 1 handle 10 fw classid 1:10

RETURNS:

[root@ns1 rc.d]# /sbin/tc filter add dev eth3 parent 1:0 protocol ip prio 1 handle 10 fw classid 1:10
RTNETLINK answers: Invalid argument
We have an error talking to the kernel
[root@ns1 rc.d]#

Does anyone know what I can do? My full script (the one that is working fine) is at the end.

Att,

Nataniel Klug



------
#!/bin/sh
#------
# Cyber Nett QoS script
#------
# Nataniel Klug
# suporte@xxxxxxxxxxxx
#------

TC="/sbin/tc"
IPT="/usr/local/sbin/iptables"

DL="eth3"

#------
# Deleting old QoS rules
#------
$TC qdisc del dev $DL root    2> /dev/null > /dev/null
$TC qdisc del dev $DL ingress 2> /dev/null > /dev/null

#------
# Rules for the eth1 interface
#------
$TC qdisc add dev $DL root handle 1: htb default 50

CLASS="/sbin/tc class add dev $DL parent"
$CLASS 1: classid 1:1 htb rate 3072Kbit
$CLASS 1:1 classid 1:10 htb rate 256Kbit prio 1
$CLASS 1:1 classid 1:20 htb rate 1024Kbit ceil 2048Kbit prio 2
$CLASS 1:1 classid 1:30 htb rate 512Kbit ceil 512Kbit prio 3
$CLASS 1:1 classid 1:40 htb rate 512Kbit ceil 512Kbit prio 3
$CLASS 1:1 classid 1:50 htb rate 512Kbit ceil 512Kbit prio 4

QDISC="/sbin/tc qdisc add dev $DL parent"
$QDISC 1:10 handle 10: sfq perturb 10
$QDISC 1:20 handle 20: sfq perturb 10
$QDISC 1:30 handle 30: sfq perturb 10
$QDISC 1:40 handle 40: sfq perturb 10
$QDISC 1:50 handle 50: sfq perturb 10

FILTER="/sbin/tc filter add dev $DL parent 1:0 protocol ip prio 1 u32"

$FILTER match ip protocol 1 0xff flowid 1:10
$FILTER match ip sport 22 0xffff flowid 1:10
$FILTER match ip sport 23 0xffff flowid 1:10
$FILTER match ip sport 2202 0xffff flowid 1:10

$FILTER match ip sport 6121 0xffff flowid 1:10
$FILTER match ip sport 5121 0xffff flowid 1:10

$FILTER match ip sport 80 0xffff flowid 1:20
$FILTER match ip sport 443 0xffff flowid 1:20
$FILTER match ip sport 3128 0xffff flowid 1:20
$FILTER match ip src 200.189.176.206/32 flowid 1:20
$FILTER match ip src 200.189.176.205/32 flowid 1:20
$FILTER match ip sport 5065 0xffff flowid 1:20
$FILTER match ip sport 5070 0xffff flowid 1:20

$FILTER match ip sport 53 0xffff flowid 1:30
$FILTER match ip sport 25 0xffff flowid 1:30
$FILTER match ip sport 110 0xffff flowid 1:30

$FILTER match ip sport 21 0xffff flowid 1:40
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
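
Added example, not part of the original post: on one parent, tc keeps a single classifier kind per prio, and adding a second kind at a prio that is already in use is rejected with "Invalid argument"; the u32 and fw commands above both use prio 1. The check below scans tc filter commands for that collision (tc_prio_conflicts is a hypothetical helper name, and the input lines are constructed from the post's commands with the variables expanded).

```shell
#!/bin/sh
# Added example (not from the original post). tc_prio_conflicts is a
# hypothetical helper name. It reads "tc filter add ..." lines on stdin and
# reports every dev/parent/prio slot that is given two classifier kinds.
tc_prio_conflicts() {
    awk '
    BEGIN {
        n = split("u32 fw route rsvp tcindex basic flow cgroup bpf flower matchall", k, " ")
        for (i = 1; i <= n; i++) kinds[k[i]] = 1
    }
    {
        dev = ""; parent = ""; prio = ""; kind = ""
        for (i = 1; i <= NF; i++) {
            if ($i == "dev") dev = $(i + 1)
            else if ($i == "parent") parent = $(i + 1)
            else if ($i == "prio" || $i == "pref") prio = $(i + 1)
            else if (kind == "" && ($i in kinds)) kind = $i
        }
        if (dev == "" || prio == "" || kind == "") next
        sub(/:0$/, ":", parent)   # 1:0 and 1: name the same qdisc
        key = dev SUBSEP parent SUBSEP prio
        if (!(key in seen)) {
            seen[key] = kind; first[key] = NR
        } else if (seen[key] != kind) {
            printf "line %d: %s on %s parent %s prio %s collides with %s from line %d\n", \
                NR, kind, dev, parent, prio, seen[key], first[key]
        }
    }'
}

# Constructed input: the two filter commands from the post, both at prio 1.
tc_prio_conflicts <<'EOF'
/sbin/tc filter add dev eth3 parent 1:0 protocol ip prio 1 u32 match ip sport 22 0xffff flowid 1:10
/sbin/tc filter add dev eth3 parent 1:0 protocol ip prio 1 handle 10 fw classid 1:10
EOF

# Same fw filter moved to a prio of its own: no output, nothing collides.
tc_prio_conflicts <<'EOF'
/sbin/tc filter add dev eth3 parent 1:0 protocol ip prio 1 u32 match ip sport 22 0xffff flowid 1:10
/sbin/tc filter add dev eth3 parent 1:0 protocol ip prio 2 handle 10 fw classid 1:10
EOF
```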
