Hello Lev, On Monday 27 of April 2020 12:31:36 Lev R. Oshvang . wrote: > On Sun, Apr 26, 2020 at 11:17 PM Pavel Pisa <pisa@xxxxxxxxxxxxxxxx> wrote: > > Dear Lev, > > > > On Sunday 26 of April 2020 14:07:08 Lev R. Oshvang . wrote: > > > >From my google search I did not find any netfilter /iptable rule which > > > > > > allows to filter on CAN fields, message ID and other. > > > Please point me in the right direction. > > > > I am not sure if this can help, but Rostislav Lisovy > > has implemented linux-devel/net/sched/em_canid.c > > which has been merged around Linux kernel version 3.6 > > and is still there. It allows to classify CAN frames > > for purpose of queening disciplines. There is report > > with documentation how to use it > > > > https://rtime.felk.cvut.cz/can/socketcan-qdisc-final.pdf > > > > I am not sure if this can be used for netfilter. > > > > For sure CAN Gateway allows separation of real and virtual > > can network and full control on IDs which are passed. > > Hi Pavel, > Thanks for the info. > I read again cangw man page. It clearly states that filter might be > applied to incoming CAN traffic. > It does not answer my question of whether anybody uses Netfilter for > outgoing CAN messages? the use described in our report is for outgoing traffic to classify CAN frames to different output queues according to IDs to resolve different kind of buffering of different kind of CAN traffic. I.e. for best effort RT data ensure that only last one is sent and previous are forgottent if not sent in a time. For service data ensure that FIFO depth is long enough to hold all data etc. If I remember, it could be used to block some applications or nodes to send some IDs etc... What is your idea, need for use? Best wishes, Pavel
