Re: Layer7 module doesn't detect nothing on my bridge with a 2.6.18.3 kernel

["ArcosCom Linux User" <linux@xxxxxxxxxxxx>]

With:
   linux-2.6.18.5
   iptables-1.3.7
   layer7-2.7

Is working fine (normal and SMP configs), with linux-2.6.19.x not.

See:

Chain PREROUTING (policy ACCEPT 174K packets, 91M bytes)
num   pkts bytes target     prot opt in     out     source              
destination
1    13957 1482K            0    --  *      *       0.0.0.0/0           
0.0.0.0/0           ipp2p v0.8.2 --ipp2p
2    81516   66M            0    --  *      *       0.0.0.0/0           
0.0.0.0/0           LAYER7 l7proto edonkey

Regards

El Mar, 12 de Diciembre de 2006, 11:27, Sébastien CRAMATTE escribió:
> Hello
>
> I've setuped a QOS bridge under debian 3.1 using 2.6.18.3 kernel +
> iptables 1.3.6
>
> I've patched the kernel an Iptables with esfq+layer7 without problems.
>
>
> This simple script doesn't log nothing ...  And I'm sure to have  eMule
> traffic  (I've checked with tcpdump )
> If   I remove  " -m layer7 --l7proto edonkey \"  line  I can  see
> iptables log in  /var/log/kern.log
> I've test with other protocols like skype or messenger ... layer7 filter
> seems to be simply ignored ...
>
> Syslog or kern.log still empty ...
>
> #!/bin/sh
>
> DEV=eth0
> BR=br0
> SHAPPER=CPE
>
> iptables -t mangle -N ${SHAPPER}
> iptables -t mangle -A POSTROUTING -o ${BR}
> -m physdev --physdev-out ${DEV}
> \-j ${SHAPPER}
>
> iptables -t mangle -A ${SHAPPER} \
> -m layer7 --l7proto edonkey \
> -j LOG --log-prefix eMule
>
> As you can see below my eth0 and eth1  interface are not in PROMISC mode
> because
> I use physdev module and user iptables chain to redirect all traffic
>
> #ifconfig
>
> br0 Link encap:Ethernet HWaddr 00:30:48:87:99:28
> inet addr:xxx.xxx.xxx.xxx Bcast: xxx.xxx.xxx.xxx Mask:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:146572 errors:0 dropped:0 overruns:0 frame:0
> TX packets:14813 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
> RX bytes:13160188 (12.5 MiB) TX bytes:2391735 (2.2 MiB)
>
> eth0 Link encap:Ethernet HWaddr 00:30:48:87:99:28
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:588665 errors:0 dropped:0 overruns:0 frame:0
> TX packets:226155 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:100
> RX bytes:170415971 (162.5 MiB) TX bytes:138342082 (131.9 MiB)
> Base address:0xc000 Memory:f2000000-f2020000
>
> eth1 Link encap:Ethernet HWaddr 00:30:48:87:99:29
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:211410 errors:0 dropped:0 overruns:0 frame:0
> TX packets:566435 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:100
> RX bytes:135919959 (129.6 MiB) TX bytes:162558207 (155.0 MiB)
> Base address:0xd100 Memory:f1000000-f1020000
>
> # lsmod
> Module                  Size  Used by
> ipt_ipp2p               6400  0
> ipt_LOG                 5248  2
> xt_multiport            2176  4
> ipt_layer7              8840  14
> cls_u32                 5636  6
> sch_esfq                4736  10
> xt_CLASSIFY             1024  28
> xt_limit                1280  0
> ipt_TOS                 1152  0
> xt_length               1152  6
> ipt_tos                  896  2
> sch_htb                12544  2
> xt_physdev              1808  2
> floppy                 44580  0
> e1000                 100032  0
> ehci_hcd               22152  0
> uhci_hcd               16012  0
> usbcore                86148  3 ehci_hcd,uhci_hcd
> i82875p_edac            3332  0
> dm_mod                 34488  5
> rtc                     6708  0
>
>
>
> Any Ideas
> Thanks for your help
>
> Regards
>
> Sébastien
>
> _______________________________________________
> LARTC mailing list
> LARTC@xxxxxxxxxxxxxxx
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>


_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc