Hello list,
I have these sorts of filters, putting traffic into the appropiate
classid (1:15 is the default class):
${TC} filter add dev ${DEV_IFB} parent 1:0 prio 1 protocol ip u32 \
match ip protocol 0x6 0xff \
match ip sport 22 0xffff \
classid 1:11 # ssh
${TC} filter add dev ${DEV_IFB} parent 1:0 prio 1 protocol ip u32 \
match ip protocol 0x6 0xff \
match ip dport 22 0xffff \
classid 1:11 # ssh
{and a few more 1:11 filters]
${TC} filter add dev ${DEV_IFB} parent 1:0 prio 1 protocol ip u32 \
match ip protocol 0x11 0xff \
match ip sport 123 0xffff \
classid 1:11 # return packets NTP
${TC} filter add dev ${DEV_IFB} parent 1:0 prio 1 protocol ip u32 \
match ip protocol 0x06 0xff \
match u8 0x05 0x0f at 0 \
match u8 0x10 0xff at 33 \
match u16 0x000 0xffc0 at 2 \
classid 1:11 # ACK's
${TC} filter add dev ${DEV_IFB} parent 1:0 prio 2 protocol ip u32 \
match ip protocol 0x6 0xff \
match ip dport 80 0xffff \
classid 1:12 # Webserver
${TC} filter add dev ${DEV_IFB} parent 1:0 prio 3 protocol ip u32 \
match ip protocol 0x6 0xff \
match ip sport 443 0xffff \
classid 1:13 # webmail server
${TC} filter add dev ${DEV_IFB} parent 1:0 prio 4 protocol ip u32 \
match ip protocol 0x6 0xff \
match ip dport 21 0xffff \
classid 1:14 # ftp-server
This works fine, but traffic for 1:14 (ftp) never gets into 1:14.
Is there a certain rule order in which filters must be written? As far
as I can see I haven't made any mistakes in these filters...
Anyone a hint?
R.
--
___________________________________________________________________
It is better to remain silent and be thought a fool, than to speak
aloud and remove all doubt.
+------------------------------------------------------------------+
| Richard Lucassen, Utrecht |
| Public key and email address: |
| http://www.lucassen.org/mail-pubkey.html |
+------------------------------------------------------------------+
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
