FW filter unused/unloaded ???

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi all.
 
I've written a small htb script that uses U32 and FW (marked by IPTABLES) filters, but TC doesn't seem to be using the "cls_fw.o" module !!!
 
I'm using redhat v9.0, kernel 2.4.8-20, iproute 2.4.7-7.
 
Here is my script:
==========================================================
#####################
#Interface definition
#####################
#interface="ppp0"
interface="eth0"
 
#####################
#Addresses definition
#####################
ip_src="192.168.1.240"
#ip_src2="225.0.7.110"
 
#########################################
#Delete any previous stored configuration
#########################################
tc qdisc del dev $interface root
 
########################################
#Creating the root Qdisc (Queueing Disk)
########################################
tc qdisc add dev $interface root handle 1: htb default 14
 
######################
#Definition of classes
######################
tc class add dev $interface parent 1: classid 1:1 htb rate 28800bps ceil 28800bps
tc class add dev $interface parent 1:1 classid 1:10 htb rate 1bps ceil 1bps prio 4
tc class add dev $interface parent 1:1 classid 1:11 htb rate 1bps ceil 28800bps prio 2
tc class add dev $interface parent 1:1 classid 1:12 htb rate 1bps ceil 28800bps prio 4
tc class add dev $interface parent 1:1 classid 1:13 htb rate 1bps ceil 28800bps prio 4
tc class add dev $interface parent 1:1 classid 1:14 htb rate 2000bps ceil 3000bps prio 2
 
##########################
#Definition of the filters
##########################
tc filter add dev $interface protocol ip parent 1:0 prio 1 u32 match ip src $ip_src match ip dport 20000 0xffff flowid 1:10
tc filter add dev $interface protocol ip parent 1:0 prio 1 u32 match ip src $ip_src match ip dport 20001 0xffff flowid 1:11
tc filter add dev $interface protocol ip parent 1:0 prio 1 u32 match ip src $ip_src match ip dport 20002 0xffff flowid 1:12
tc filter add dev $interface protocol ip parent 1:0 prio 1 u32 match ip src $ip_src match ip dport 20003 0xffff flowid 1:13
tc filter add dev $interface parent 1:0 protocol ip prio 1 handle 7 fw flowid 1:14
 
tc qdisc add dev $interface parent 1:10 handle 20: pfifo limit 5
tc qdisc add dev $interface parent 1:11 handle 30: pfifo limit 5
tc qdisc add dev $interface parent 1:12 handle 40: sfq perturb 10
tc qdisc add dev $interface parent 1:13 handle 50: sfq perturb 10
tc qdisc add dev $interface parent 1:14 handle 50: sfq perturb 10
===========================================================
 
After executing this script I get the following modules loaded in memory:
===========================================================
Module Size Used by Tainted: PF
sch_sfq 4096 2 (autoclean)
cls_u32 6300 1 (autoclean)
sch_htb 22016 1 (autoclean)
 ===========================================================
 
After that I manually load (insmod) the FW module and executed that script again, but it kept showing that It is still unused/unloaded !!!
===========================================================
Module Size Used by Tainted: PF
cls_fw 3512 0 (unused)
sch_sfq 4096 2 (autoclean)
cls_u32 6300 1 (autoclean)
sch_htb 22016 1 (autoclean)
 ===========================================================
 
Also if I try to see the actual loaded filters by TC I get this:
===========================================================
filter parent 1: protocol ip pref 1 u32
filter parent 1: protocol ip pref 1 u32 fh 800: ht divisor 1
filter parent 1: protocol ip pref 1 u32 fh 800::800 order 2048 key ht 800 bkt 0 flowid 1:10
match c0a801f0/ffffffff at 12
match 00004e20/0000ffff at 20
filter parent 1: protocol ip pref 1 u32 fh 800::801 order 2049 key ht 800 bkt 0 flowid 1:11
match c0a801f0/ffffffff at 12
match 00004e21/0000ffff at 20
filter parent 1: protocol ip pref 1 u32 fh 800::802 order 2050 key ht 800 bkt 0 flowid 1:12
match c0a801f0/ffffffff at 12
match 00004e22/0000ffff at 20
filter parent 1: protocol ip pref 1 u32 fh 800::803 order 2051 key ht 800 bkt 0 flowid 1:13
match c0a801f0/ffffffff at 12
match 00004e23/0000ffff at 20
 ===========================================================
 
 
So I'm to assume that the filter FW (flowid 1:14) isn't being loaded ?
 
I cannot increase the kernel version number due to be using a binary driver from a mpeg4 capture board.
 
Can someone please help ?
 
Thanks in advance.
 
Best regards,
Paulo
 
 
 

Com conversas em vídeo tem já hoje um bocadinho de futuro. Clique aui! 
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux