Hello,
I'm researching (=breaking my head to find) ways to classify ingress
traffic to a cgroup. Is this possible?
Details:
With something like the following I can easily filter egress:
$ echo 0x00010010 >net_cls.classid
$ tc filter add dev $iface protocol ip parent 1:0 prio 1 handle 1 cgroup
But I'm very much in the dark about my options to correctly
filter/classify ingress with a clever combination of connmarks, fwmarks,
cgroups and/or ifb interfaces (imq is not an option in this case).
Though it seems that some of this field is still very much in flux, I'm
trying to come up with a solution that will work on Debian Wheezy's 3.2
kernel.
Any help or pointers in the right direction are much appreciated.
Best,
--
- Pieter
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
