W dniu 16.11.2012 23:46, Andrew Beverley napisał(a):
On Fri, 2012-11-16 at 19:18 +0000, Andy Furniss wrote:
Unfortunately, when you add lines "tc filter add dev eth2 protocol
ppp_ses parent 1:0 prio 6 u32 ht 800:: match ip dst 31.41.209.0/24
at 24 hashkey mask 0x000000ff at 24 link 4a:" protocol change to
ip
Maybe avoid using match ip dst 31.41.209.0/24 for ppp_ses and use
u32
hex instead - u32 match u32 1f29d100 ffffff00 at 24
I don't think it really helps in your scenario but I'll chip in
anyway.
You can achieve multiple matches with one filter by doing the
matching
in iptables, marking the packets with the same mark, and then
filtering
on that mark.
Unfortunately Marking the the input interface is not visible on the
Ethernet interface, only on the pppoe interface
---
PREROUTING
26616 94M MARK all -- eth0 * 0.0.0.0/0
31.41.209.141 MARK set 0x480
30087 1246K MARK all -- ppp+ * 31.41.209.141
0.0.0.0/0 MARK set 0x480
POSTROUTING
0 0 ACCEPT all -- * eth2 0.0.0.0/0
0.0.0.0/0 mark match 0x480
1521 5305K ACCEPT all -- * ppp+ 0.0.0.0/0
0.0.0.0/0 mark match 0x480
---
eth0 is external interfejs
eth2 is lan interfece
ppp is created on eth2 interface
--
To unsubscribe from this list: send the line "unsubscribe lartc" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
