Hi I am in the position of needing to filter on two parameters, I need to filter on IP address and I also need to filter on the value of a connection mark. I understand the syntax of the tc filter command for each, but how can I combine them ? Is it possible to put the two tc filter commands in series or is there some syntax to do it in one tc filter command ? Thanks Jonathan _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hi Jonathan, On Tue, 16 Mar 2004 11:09:31 +0000 Jonathan Naylor <jonathan.naylor@w3z.co.uk> wrote:> I am in the position of needing to filter on two parameters, I need to filter > on IP address and I also need to filter on the value of a connection mark. I > understand the syntax of the tc filter command for each, but how can I > combine them ? Is it possible to put the two tc filter commands in series or > is there some syntax to do it in one tc filter command ?Well, I think it''s easiest include the IP-Filtering into iptables like this: iptables -t mangle -A <CHAIN> -[d|s] <IP-Address> -j MARK --set-mark 1 and then set up a filter with tc that directs the traffic to the right class. Regards, Arno. _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Guten Tag Arno> Well, I think it''s easiest include the IP-Filtering into iptables like > this: > > iptables -t mangle -A <CHAIN> -[d|s] <IP-Address> -j MARK --set-mark 1 > > and then set up a filter with tc that directs the traffic to the right > class.That makes a lot of sense. I can see how to do it, it just means a lot of changes in my shell script. Another question, how big is the mark "variable" in bits ? 16, 32, 8 ? I will need a large number of rules and I obviously need the mark variable to be big enough to hold them all. At the TC end, can I share a class between many filter rules. For example: if A, B and C are all allocated each a seperate 64kbps connection, can they have a filter that points each of them (three filters) to one tc class set for a 64kbps maximum speed or do I need three tc classes set for 64kbps maximum speed ?> Regards, > > Arno.Jonathan _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/