On Mon, Aug 16, 2010 at 9:40 PM, Luciano Coelho <luciano.coelho@xxxxxxxxx> wrote: > > Now that I have implemented the changes needed in the condition module > so that it has a target which can be used to set the condition, I came > up with the following rules to inform the userspace about the throughput > of a specific interface (in this case wlan0): > > iptables -N throughput > iptables -N test_above > iptables -N test_below > iptables -A INPUT -i wlan0 -j throughput > iptables -A OUTPUT -o wlan0 -j throughput > iptables -A throughput -j RATEEST --rateest-name throughput --rateest-interval 250.0ms --rateest-ewmalog 500.0ms > iptables -A throughput -m condition --name throughput ! --value 1 -j test_above > iptables -A throughput -m condition --name throughput ! --value 2 -j test_below > iptables -A test_above -m rateest --rateest1 throughput --rateest-bps1 0 --rateest-bps2 512bps --rateest-gt -j CONDITION --value 1 --name throughput > iptables -A test_above -m condition --name "throughput" --value 1 -j NFLOG --nflog-prefix "ABOVE " > iptables -A test_below -m rateest --rateest1 throughput --rateest-bps1 0 --rateest-bps2 512bps --rateest-lt -j CONDITION --value 2 --name throughput > iptables -A test_below -m condition --name "throughput" --value 2 -j NFLOG --nflog-prefix "BELOW " > > This is just a proof of concept and I'm sure it can be optimized (I'll > look into it once it works fully). > > Anyway, my problem now, is that the rate estimator targets are only > reached when there are packets coming through (for obvious reasons). > What is happening is that, if the last packet sent through this > interface is sent as part of a high throughput burst, the last signal > the userspace will get is "ABOVE". After that, the interface becomes > idle and the "BELOW" signal is never sent, even though we will be > transmitting at 0 bps. > > Does anyone have an idea on how I could solve this problem? > > I have been considering using the IDLETIMER target and activate it when > the throughput goes to HIGH. Then if this timer expires, it would > inform the userspace that now there's no data going through. But this > sounds very artificial to me and will add one more dependency on the > userspace, since the IDLETIMER is using sysfs to inform userspace, > instead of netlink. > Read the code of IDLETIMER again, and I notice that IDLETIMER will wake up all the sleepers on the corresponding sysfs files. So no polling is needed, what you need do is watching another files for read. You can use select/poll/epoll. It should be no very difficult. -- Regards, Changli Gao(xiaosuo@xxxxxxxxx) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
