Re: tc filter don't match packets

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


Hi,

in this simple case you must attach the filter to the root:

[...]
> tc qdisc add dev eth0 root handle 1: htb default 10
[...]
> tc filter add dev eth0 parent 1:11 protocol ip prio 1 u32 match ip
> dport 80 0xffff flowid 1:11
[...]

Should be:

tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 match ip dport 80 0xffff flowid 1:11


The traffic gets enqueued traversing the filters attached to each node but starting at the root node. You must provide a way to arrive to a leaf.

In man tc-htb it says:

       "When enqueueing a packet, HTB starts at the root and uses various meth-
       ods to determine which class should receive the data.

       In the absence of uncommon configuration options, the process is rather
       easy.  At each node we look for an instruction,  and  then  go  to  the
       class  the  instruction  refers  us  to. If the class found is a barren
       leaf-node (without children), we enqueue the packet there. If it is not
       yet  a  leaf  node, we do the whole thing over again starting from that
       node.

       The following actions are performed, in order at each  node  we  visit,
       until one sends us to another node, or terminates the process.

       (i)    Consult filters attached to the class. If sent to a leafnode, we
              are done.  Otherwise, restart.

       (ii)   If none of the above returned with an  instruction,  enqueue  at
              this node.

       This  algorithm makes sure that a packet always ends up somewhere, even
       while you are busy building your configuration."


In your case, the packets arrive to the root node to get enqueed but due to that there is no filter attached it will get to the default 10.
I hope this helps,

Regards,
Eric Janz
--

ADVERTENCIA LEGAL
El contenido de este correo es confidencial y dirigido unicamente a su destinatario. Para acceder a su clausula de privacidad consulte http://www.barceloviajes.com/privacy

LEGAL ADVISORY
This message is confidential and intended only for the person or entity to which it is addressed. In order to read its privacy policy consult it at http://www.barceloviajes.com/privacy

_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux