Re: traffic shaping with tc and nft

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Lars Noodén <lars.nooden@xxxxxxx> writes:

> Hello,
>
> I'm working on traffic shaping with tc and have some old iptables rules
> with which I've tried to use iptables-translate to convert legacy
> instructions to nftables.  For example, I have the following:
>
>     iptables -t mangle -A OUTPUT -p tcp --match multiport \
> 	--sports 22,1965 -j MARK --set-mark 100
>
> and the result is,
>
>     nft add rule ip mangle OUTPUT ip protocol tcp \
> 	tcp sport {22,1965} counter meta mark set 0x64

Blind shot: in nftables you have no OUTPUT chain by default so I suspect
you have to create it manually.

nft add chain ip mangle  OUTPUT ...

KJ


-- 
http://wolnelektury.pl/wesprzyj/teraz/
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux