Hi all,
Whenever I start up TC and implement traffic policing using ingress, I
get logs that goes something like this:
Classifier actions preferred over ingress.
What does that mean??
This are the relevent lines :
tc qdisc add dev $DEV handle ffff: ingress
tc filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip src
0.0.0.0/0 police rate ${DOWNLINK}kbit burst 10k drop flowid :1
--
Ow Mun Heng
Gentoo/Linux on D600 1.4Ghz
98% Microsoft(tm) Free!!
Neuromancer 10:46:57 up 1:40, 5 users, 0.18, 0.33, 0.36
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hi all, I have IPTABLES 1.2.10 and i have a weird problem with CONNMARK When i run: # iptables -v -t mangle -F # iptables -v -t mangle -A PREROUTING -p tcp -j CONNMARK --restore-mark CONNMARK tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 CONNMARK restore iptables: No chain/target/match by that name Why is that happening?? The command: # iptables -v -j CONNMARK -h returns: CONNMARK target v1.2.10 options: --set-mark value[/mask] Set conntrack mark value --save-mark [--mask mask] Save the packet nfmark in the connection --restore-mark [--mask mask] Restore saved nfmark value So everything seens fine to me........ Thanks... -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.6.9 - Release Date: 6/1/2005 _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
I see... I''ll do this.
But..... Is CONNMARK supported in newer versions of the Kernel? Wich one?
Regards,
LEANDRO TRAVAGLIA
Nguyen Dinh Nam wrote:
> it''s because your kernel doesn''t support CONNMARK, apply
patch-o-matic
> then recompile your kernel, then it''ll work.
>
> Leandro Travaglia wrote:
>
>> Hi all,
>>
>> I have IPTABLES 1.2.10 and i have a weird problem with CONNMARK
>>
>> When i run:
>> # iptables -v -t mangle -F
>> # iptables -v -t mangle -A PREROUTING -p tcp -j CONNMARK --restore-mark
>> CONNMARK tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 CONNMARK
>> restore
>> iptables: No chain/target/match by that name
>>
>> Why is that happening??
>>
>> The command:
>> # iptables -v -j CONNMARK -h
>> returns:
>> CONNMARK target v1.2.10 options:
>> --set-mark value[/mask] Set conntrack mark value
>> --save-mark [--mask mask] Save the packet nfmark in the connection
>> --restore-mark [--mask mask] Restore saved nfmark value
>>
>> So everything seens fine to me........
>>
>> Thanks...
>>
>>
>
>
>
>
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
> -----Original Message----- > From: lartc-admin@mailman.ds9a.nl > [mailto:lartc-admin@mailman.ds9a.nl] On Behalf Of Leandro Travaglia > Sent: Saturday, January 08, 2005 9:03 PM > To: LARTC > Subject: [LARTC] CONNMARK problem > > > Hi all, > > I have IPTABLES 1.2.10 and i have a weird problem with CONNMARK > > When i run: > # iptables -v -t mangle -F > # iptables -v -t mangle -A PREROUTING -p tcp -j CONNMARK > --restore-mark CONNMARK tcp opt -- in * out * 0.0.0.0/0 -> > 0.0.0.0/0 CONNMARK restore > iptables: No chain/target/match by that nameMake sure that CONNMARK target is vaild in mangle table > PREROUTING chain. Or you can try to inspect the rule in another table/chain Another possible is the target format. You can try to use a simple target to verify if the target format is correct or not. Vincent> > Why is that happening?? > > The command: > # iptables -v -j CONNMARK -h > returns: > CONNMARK target v1.2.10 options: > --set-mark value[/mask] Set conntrack mark value > --save-mark [--mask mask] Save the packet nfmark in the > connection > --restore-mark [--mask mask] Restore saved nfmark value > > So everything seens fine to me........ > > Thanks... > > > -- > No virus found in this outgoing message. > Checked by AVG Anti-Virus. > Version: 7.0.300 / Virus Database: 265.6.9 - Release Date: 6/1/2005 > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ >_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hello, Does there exist any tool that can report the current bandwidth information that is managed by tc(traffic control) tool. I can use the tool to get the current(or accumulated) bandwidth used by each tc queue. Thanks for your assist Vincent _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/