Luuk Paulussen <Luuk.Paulussen@xxxxxxxxxxxxxxxxxxx> wrote: > Hi All, > > I'm still hoping for some feedback on this. I have some userspace > patches around this as well, (to set/show the tc_index in the > connection, and to add the marking/matching rules in iptables), but I am > holding off on sending them until I know what people think of this > idea/implementation first. I can't say for sure since I don't know enough about tc. However, AFAICS tc_index seems to be something that should be internal to tc and not exposed/changeable via iptables. > Basically it allows 16 bits of marking in skb and connmark for traffic > control purposes using an existing field in the skb. Why not extend cls_flow to allow matching ctmark directly via tc filters instead of requiring conntrack->foo copy to skb->foo? We also have -j CLASSIFY to set skb->priority and at least cls_flow seems to be able to match on that (did not test it). -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
