Handle limit in filter

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

I've written a minimal sort of Perl module that dynamically creates
and destroys traffic control rules for specific IPs.  I'm currently
using it for a user bandwidth control application at a client site.

The module essentially gets Ethernet device(s), IP address and in/out
speeds as input and dynamically creates classes, queues and filters
for controlling speeds on the incoming and outgoing interfaces.  It
calls /sbin/tc internally to make the rules.  Similarly, when the user
is logged out, the module deletes the rules that it made earlier.

There are two issues I'm facing:

1. Is there any way remove filter rules without knowing the handle?
I'd like to be able to remove the filter rule using the same set of
data that I used to create it, but there doesn't seem to be any way to
do that.  Currently I'm parsing the whole ``tc filter show'' output to
find out the handle of the rule I'm interested in, then using that
handle in the ``tc remove'' command to delete the rule.  Inelegant and
inefficient, to say the least.

2. Can one have filter rules with handles > 800:fff?  After the
program has run for a while, the filter handle hits 800:fff, and then
I can not delete any of the new rules at all.  I'd be interested in
knowing how to make tc reuse handles; failing that, increasing the
number of unique handles would at least prevent my client from having
to reboot the server every day.

I'll be releasing the module under GPL once I've cleaned up the code
and documented the methods a bit.  Help on doing that appreciated.

Regards,

- -- Raju
- -- 
Raj Mathur                raju@xxxxxxxxxxxxx      http://kandalaya.org/
       GPG: 78D4 FC67 367F 40E2 0DD5  0FEF C968 D0EF CC68 D17F
                      It is the mind that moves
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.8 <http://mailcrypt.sourceforge.net/>

iD8DBQFE5b66yWjQ78xo0X8RAvNpAJ9kfvotl0Ife92qoyBPlqxC5G+cYACeNvAG
rJT3lU8kd46ymbYcJwhb7e0=
=oJKh
-----END PGP SIGNATURE-----
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux