Hi list, I''m playing with tc and found a strange behavior when I try to delete filters. For example, this simple scenario: tc qdisc add dev eth1 root handle 1: htb default 100 tc class add dev eth1 parent 1: classid 1:1 htb rate 128Kbit tc class add dev eth1 parent 1: classid 1:2 htb rate 258Kbit tc class add dev eth1 parent 1: classid 1:100 htb rate 32Kbit tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src 10.10.10.20 match ip dst 63.63.63.63 flowid 1:1 tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src 10.10.10.20 flowid 1:2 works just fine, but when I try to delete oen of the filters with something like this: tc filter del dev eth1 parent 1: protocol ip prio 1 u32 match ip src 10.10.10.20 flowid 1:2 both filters are deleted. I''ve found a post from Dimitry V. Ketov in the kernel list on may/2003 with a situation like this one, but there are no answers. I''m using 2.4.23 and iptables 1.2.7a. Any clues what can be the cause? I''m suposed to be able to delete filters separately right? May it be a bug? Deleting the whole qdisc is not an opition in my setup and trying to delete the parent class gives me a "device or resource busy" error because of the filters. tc class del doesn''t seen to delete its "child" filter. tks for any information... Andre _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hi Rodrigo, tks for the answer. It sounds like a starting point but this is not that good if there are several filters pointing to classes with high load. In this case lower prio classes will really have higher priority. Isn''t it supposed to work as expected: delete only the right filter? May it be reported as a bug? Is it a known behavior? tks... Andre Rodrigo P. Telles wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Andre, > > I''ve had the same problem when I try to remove one filter rule. > This is ocurred when you have the same prio for all filter rules. I''ve > "solved" > my problem using diferent "prio" values in filter rules. > I don''t now if this is a BUG ! > > Anything else ? > > Telles > > Andre Correa wrote: > | > | Hi list, I''m playing with tc and found a strange behavior when I try to > | delete filters. For example, this simple scenario: > | > | tc qdisc add dev eth1 root handle 1: htb default 100 > | tc class add dev eth1 parent 1: classid 1:1 htb rate 128Kbit > | tc class add dev eth1 parent 1: classid 1:2 htb rate 258Kbit > | tc class add dev eth1 parent 1: classid 1:100 htb rate 32Kbit > | tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src > | 10.10.10.20 match ip dst 63.63.63.63 flowid 1:1 > | tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src > | 10.10.10.20 flowid 1:2 > | > | works just fine, but when I try to delete oen of the filters with > | something like this: > | > | tc filter del dev eth1 parent 1: protocol ip prio 1 u32 match ip src > | 10.10.10.20 flowid 1:2 > | > | both filters are deleted. > | > | I''ve found a post from Dimitry V. Ketov in the kernel list on may/2003 > | with a situation like this one, but there are no answers. > | > | I''m using 2.4.23 and iptables 1.2.7a. Any clues what can be the cause? > | I''m suposed to be able to delete filters separately right? May it be a > bug? > | > | Deleting the whole qdisc is not an opition in my setup and trying to > | delete the parent class gives me a "device or resource busy" error > | because of the filters. tc class del doesn''t seen to delete its "child" > | filter. > | > | tks for any information... > | > | Andre > | > | _______________________________________________ > | LARTC mailing list / LARTC@mailman.ds9a.nl > | http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > | > | > > - -- > - ------------------------------------------------------ > Rodrigo P. Telles <telles@devel-it.com.br> > Gerente de Projetos - http://www.devel-it.com.br > Devel-IT - Uma empresa do Grupo TDKOM > - ------------------------------------------------------ > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.7 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQE//aWeiLK8unYgEMQRAgPcAJ9iqsF9V5m4QqKrLgI3iUF6rLW8hACeJ0GP > 6DYjQf0/5NVNRrojAXvgcw8> =d0PR > -----END PGP SIGNATURE----- > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > >_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Andre, I''ve had the same problem when I try to remove one filter rule. This is ocurred when you have the same prio for all filter rules. I''ve "solved" my problem using diferent "prio" values in filter rules. I don''t now if this is a BUG ! Anything else ? Telles Andre Correa wrote: | | Hi list, I''m playing with tc and found a strange behavior when I try to | delete filters. For example, this simple scenario: | | tc qdisc add dev eth1 root handle 1: htb default 100 | tc class add dev eth1 parent 1: classid 1:1 htb rate 128Kbit | tc class add dev eth1 parent 1: classid 1:2 htb rate 258Kbit | tc class add dev eth1 parent 1: classid 1:100 htb rate 32Kbit | tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src | 10.10.10.20 match ip dst 63.63.63.63 flowid 1:1 | tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src | 10.10.10.20 flowid 1:2 | | works just fine, but when I try to delete oen of the filters with | something like this: | | tc filter del dev eth1 parent 1: protocol ip prio 1 u32 match ip src | 10.10.10.20 flowid 1:2 | | both filters are deleted. | | I''ve found a post from Dimitry V. Ketov in the kernel list on may/2003 | with a situation like this one, but there are no answers. | | I''m using 2.4.23 and iptables 1.2.7a. Any clues what can be the cause? | I''m suposed to be able to delete filters separately right? May it be a bug? | | Deleting the whole qdisc is not an opition in my setup and trying to | delete the parent class gives me a "device or resource busy" error | because of the filters. tc class del doesn''t seen to delete its "child" | filter. | | tks for any information... | | Andre | | _______________________________________________ | LARTC mailing list / LARTC@mailman.ds9a.nl | http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ | | - -- - ------------------------------------------------------ Rodrigo P. Telles <telles@devel-it.com.br> Gerente de Projetos - http://www.devel-it.com.br Devel-IT - Uma empresa do Grupo TDKOM - ------------------------------------------------------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE//aWeiLK8unYgEMQRAgPcAJ9iqsF9V5m4QqKrLgI3iUF6rLW8hACeJ0GP 6DYjQf0/5NVNRrojAXvgcw8=d0PR -----END PGP SIGNATURE----- _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Patrick, tks for the info but I''m sure I got your idea. A filter handle is something like: "804::800" right? I''ve tried this (supose classes 1:1 and 1:2 exist): tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::10 u32 match ip src 10.10.10.10 flowid 1:1 tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::11 u32 match ip src 10.10.10.11 flowid 1:2 and then: tc filter del dev eth1 parent 1: protocol ip prio 1 handle ::11 but both filter are deleted... Am I missing something? tks a lot... Andre Patrick McHardy wrote:> Andre Correa wrote: > >> >> Hi list, I''m playing with tc and found a strange behavior when I try >> to delete filters. For example, this simple scenario: >> >> tc qdisc add dev eth1 root handle 1: htb default 100 >> tc class add dev eth1 parent 1: classid 1:1 htb rate 128Kbit >> tc class add dev eth1 parent 1: classid 1:2 htb rate 258Kbit >> tc class add dev eth1 parent 1: classid 1:100 htb rate 32Kbit >> tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src >> 10.10.10.20 match ip dst 63.63.63.63 flowid 1:1 >> tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src >> 10.10.10.20 flowid 1:2 >> >> works just fine, but when I try to delete oen of the filters with >> something like this: >> >> tc filter del dev eth1 parent 1: protocol ip prio 1 u32 match ip src >> 10.10.10.20 flowid 1:2 >> >> both filters are deleted. > > > The kernel only regards priorities when deleting a filter without > giving a handle. Use the handle if you want to delete a specific filter. > > Regards, > Patricky > > >_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Andre, In my last e-mail about deleting filters (I''m sorry): s/Anything else ?/Anyone has idea about that strange "problem" ?/ Stef ? Telles Rodrigo P. Telles wrote: | Andre, | | I''ve had the same problem when I try to remove one filter rule. | This is ocurred when you have the same prio for all filter rules. I''ve | "solved" | my problem using diferent "prio" values in filter rules. | I don''t now if this is a BUG ! | | Anything else ? | | Telles | | Andre Correa wrote: | | | | Hi list, I''m playing with tc and found a strange behavior when I try to | | delete filters. For example, this simple scenario: | | | | tc qdisc add dev eth1 root handle 1: htb default 100 | | tc class add dev eth1 parent 1: classid 1:1 htb rate 128Kbit | | tc class add dev eth1 parent 1: classid 1:2 htb rate 258Kbit | | tc class add dev eth1 parent 1: classid 1:100 htb rate 32Kbit | | tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src | | 10.10.10.20 match ip dst 63.63.63.63 flowid 1:1 | | tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src | | 10.10.10.20 flowid 1:2 | | | | works just fine, but when I try to delete oen of the filters with | | something like this: | | | | tc filter del dev eth1 parent 1: protocol ip prio 1 u32 match ip src | | 10.10.10.20 flowid 1:2 | | | | both filters are deleted. | | | | I''ve found a post from Dimitry V. Ketov in the kernel list on may/2003 | | with a situation like this one, but there are no answers. | | | | I''m using 2.4.23 and iptables 1.2.7a. Any clues what can be the cause? | | I''m suposed to be able to delete filters separately right? May it be a | bug? | | | | Deleting the whole qdisc is not an opition in my setup and trying to | | delete the parent class gives me a "device or resource busy" error | | because of the filters. tc class del doesn''t seen to delete its "child" | | filter. | | | | tks for any information... | | | | Andre | | | | _______________________________________________ | | LARTC mailing list / LARTC@mailman.ds9a.nl | | http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ | | | | | | -- | ------------------------------------------------------ | Rodrigo P. Telles <telles@devel-it.com.br> | Gerente de Projetos - http://www.devel-it.com.br | Devel-IT - Uma empresa do Grupo TDKOM | ------------------------------------------------------ _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ - -- - ------------------------------------------------------ Rodrigo P. Telles <telles@devel-it.com.br> Gerente de Projetos - http://www.devel-it.com.br Devel-IT - Uma empresa do Grupo TDKOM - ------------------------------------------------------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE//a88iLK8unYgEMQRAkJ1AJ498bVg/9cOGlmlnkpNVsb0WudUlACfUny6 Wz0hejIwM5z3cz417//1LCg=f/u2 -----END PGP SIGNATURE----- _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Andre Correa wrote:> > Hi list, I''m playing with tc and found a strange behavior when I try > to delete filters. For example, this simple scenario: > > tc qdisc add dev eth1 root handle 1: htb default 100 > tc class add dev eth1 parent 1: classid 1:1 htb rate 128Kbit > tc class add dev eth1 parent 1: classid 1:2 htb rate 258Kbit > tc class add dev eth1 parent 1: classid 1:100 htb rate 32Kbit > tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src > 10.10.10.20 match ip dst 63.63.63.63 flowid 1:1 > tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src > 10.10.10.20 flowid 1:2 > > works just fine, but when I try to delete oen of the filters with > something like this: > > tc filter del dev eth1 parent 1: protocol ip prio 1 u32 match ip src > 10.10.10.20 flowid 1:2 > > both filters are deleted.The kernel only regards priorities when deleting a filter without giving a handle. Use the handle if you want to delete a specific filter. Regards, Patricky _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Andre Correa wrote:> > Patrick, tks for the info but I''m sure I got your idea. > > A filter handle is something like: "804::800" right?Not exactly. How handles are handled depends on the classifier, fw classifier for example uses its own handle to match the nfmark, route creates handles of its own and errors if the handle supplied from userspace differs. Maybe a example clears things up: <add filters> tc filter add dev lo protocol ip parent 1: pref 1 route from 4 flowid 1:100 tc filter add dev lo protocol ip parent 1: pref 1 route from 5 flowid 1:200 tc filter add dev lo protocol ip parent 1: pref 1 route from 6 flowid 1:300 tc filter add dev lo protocol ip parent 1: pref 1 route from 7 flowid 1:400 tc filter add dev lo protocol ip parent 1: pref 1 route from 8 flowid 1:500 <show filters> filter protocol ip pref 1 route filter protocol ip pref 1 route fh 0x00048000 flowid 1:100 from 4 filter protocol ip pref 1 route fh 0x00058000 flowid 1:200 from 5 filter protocol ip pref 1 route fh 0x00068000 flowid 1:300 from 6 filter protocol ip pref 1 route fh 0x00078000 flowid 1:400 from 7 filter protocol ip pref 1 route fh 0x00088000 flowid 1:500 from 8 As you can see the route classifier uses realm | 0x8000. <delete filters> tc filter del dev lo pref 1 handle 0x00048000 route tc filter del dev lo pref 1 handle 0x00058000 route tc filter del dev lo pref 1 handle 0x00068000 route tc filter del dev lo pref 1 handle 0x00078000 route tc filter del dev lo pref 1 handle 0x00088000 route <show filters again> filter protocol ip pref 1 route Only the container of the single filters is left. To destroy it, delete by priority: "tc filter del dev lo pref 1". Hope that helps. Patrick> I''ve tried this (supose classes 1:1 and 1:2 exist): > > tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::10 u32 > match ip src 10.10.10.10 flowid 1:1 > tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::11 u32 > match ip src 10.10.10.11 flowid 1:2 > > and then: > > tc filter del dev eth1 parent 1: protocol ip prio 1 handle ::11 > > but both filter are deleted... > > Am I missing something? > > tks a lot... > > Andre >_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Andre, I don''t now, when I''ve had that problem, I didn''t find anything about that ! I''ve tried to report this problem, but all mails that I sent to the list, they had simply desappeared, and I''ve found this "solution" (for my case this solution is good). Later, my mail was started to work and I forgot to notify the list about that. I remembered that when I saw your mail about filter rules :-) I expect that someone have an idea about that, because is impossible that only you and me are having this behavior. Telles Andre Correa wrote: | | Hi Rodrigo, tks for the answer. It sounds like a starting point but this | is not that good if there are several filters pointing to classes with | high load. In this case lower prio classes will really have higher | priority. | | Isn''t it supposed to work as expected: delete only the right filter? May | it be reported as a bug? Is it a known behavior? | | tks... | | Andre | | | Rodrigo P. Telles wrote: | |> -----BEGIN PGP SIGNED MESSAGE----- |> Hash: SHA1 |> |> Andre, |> |> I''ve had the same problem when I try to remove one filter rule. |> This is ocurred when you have the same prio for all filter rules. I''ve |> "solved" |> my problem using diferent "prio" values in filter rules. |> I don''t now if this is a BUG ! |> |> Anything else ? |> |> Telles |> |> Andre Correa wrote: |> | |> | Hi list, I''m playing with tc and found a strange behavior when I try to |> | delete filters. For example, this simple scenario: |> | |> | tc qdisc add dev eth1 root handle 1: htb default 100 |> | tc class add dev eth1 parent 1: classid 1:1 htb rate 128Kbit |> | tc class add dev eth1 parent 1: classid 1:2 htb rate 258Kbit |> | tc class add dev eth1 parent 1: classid 1:100 htb rate 32Kbit |> | tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src |> | 10.10.10.20 match ip dst 63.63.63.63 flowid 1:1 |> | tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src |> | 10.10.10.20 flowid 1:2 |> | |> | works just fine, but when I try to delete oen of the filters with |> | something like this: |> | |> | tc filter del dev eth1 parent 1: protocol ip prio 1 u32 match ip src |> | 10.10.10.20 flowid 1:2 |> | |> | both filters are deleted. |> | |> | I''ve found a post from Dimitry V. Ketov in the kernel list on may/2003 |> | with a situation like this one, but there are no answers. |> | |> | I''m using 2.4.23 and iptables 1.2.7a. Any clues what can be the cause? |> | I''m suposed to be able to delete filters separately right? May it be |> a bug? |> | |> | Deleting the whole qdisc is not an opition in my setup and trying to |> | delete the parent class gives me a "device or resource busy" error |> | because of the filters. tc class del doesn''t seen to delete its "child" |> | filter. |> | |> | tks for any information... |> | |> | Andre |> | |> | _______________________________________________ |> | LARTC mailing list / LARTC@mailman.ds9a.nl |> | http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ |> | |> | |> |> - -- |> - ------------------------------------------------------ |> Rodrigo P. Telles <telles@devel-it.com.br> |> Gerente de Projetos - http://www.devel-it.com.br |> Devel-IT - Uma empresa do Grupo TDKOM |> - ------------------------------------------------------ |> -----BEGIN PGP SIGNATURE----- |> Version: GnuPG v1.0.7 (GNU/Linux) |> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org |> |> iD8DBQE//aWeiLK8unYgEMQRAgPcAJ9iqsF9V5m4QqKrLgI3iUF6rLW8hACeJ0GP |> 6DYjQf0/5NVNRrojAXvgcw8|> =d0PR |> -----END PGP SIGNATURE----- |> |> _______________________________________________ |> LARTC mailing list / LARTC@mailman.ds9a.nl |> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ |> |> | | _______________________________________________ | LARTC mailing list / LARTC@mailman.ds9a.nl | http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ | | | - -- - ------------------------------------------------------ Rodrigo P. Telles <telles@devel-it.com.br> Gerente de Projetos - http://www.devel-it.com.br Devel-IT - Uma empresa do Grupo TDKOM - ------------------------------------------------------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE//d/KiLK8unYgEMQRAlgLAJ4torQ3qVFfOLujnSMiFUkKG+CiIgCfZ2q9 jTggAS7kT2eIyiMnNqeEvEk=bzBz -----END PGP SIGNATURE----- _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Patrick, Based in your explanation, I tried that: # adding root qdisc, class and filters tc qdisc add dev eth0 root handle 1: htb tc class add dev eth0 parent 1: classid 1:10 htb rate 768Kbit tc class add dev eth0 parent 1:1 classid 1:11 htb rate 512Kbit tc class add dev eth0 parent 1:1 classid 1:12 htb rate 256Kbit tc qdisc add dev eth0 parent 1:11 handle 11: sfq tc qdisc add dev eth0 parent 1:12 handle 12: sfq tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::11 u32 match ip src 10.10.10.10 flowid 1:11 tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip src 10.10.10.11 flowid 1:12 # tc filter show dev eth0 filter parent 1: protocol ip pref 1 u32 filter parent 1: protocol ip pref 1 u32 fh 800: ht divisor 1 filter parent 1: protocol ip pref 1 u32 fh 800::11 order 17 key ht 800 bkt 0 flowid 1:11 ~ match 0a0a0a0a/ffffffff at 12 filter parent 1: protocol ip pref 1 u32 fh 800::12 order 18 key ht 800 bkt 0 flowid 1:12 ~ match 0a0a0a0b/ffffffff at 12 # deleting a rule tc filter del dev eth0 parent 1:0 protocol ip prio 1 handle ::12 Must specify filter type when using "handle" Humm, I got back to LARTC Howto, but I can''t found anything about "filter type" ! What''s wrong ? Telles Patrick McHardy wrote: | Andre Correa wrote: | |> |> Patrick, tks for the info but I''m sure I got your idea. |> |> A filter handle is something like: "804::800" right? | | | Not exactly. How handles are handled depends on the classifier, | fw classifier for example uses its own handle to match the nfmark, | route creates handles of its own and errors if the handle supplied | from userspace differs. | | Maybe a example clears things up: | <add filters> | tc filter add dev lo protocol ip parent 1: pref 1 route from 4 flowid 1:100 | tc filter add dev lo protocol ip parent 1: pref 1 route from 5 flowid 1:200 | tc filter add dev lo protocol ip parent 1: pref 1 route from 6 flowid 1:300 | tc filter add dev lo protocol ip parent 1: pref 1 route from 7 flowid 1:400 | tc filter add dev lo protocol ip parent 1: pref 1 route from 8 flowid 1:500 | | <show filters> | filter protocol ip pref 1 route | filter protocol ip pref 1 route fh 0x00048000 flowid 1:100 from 4 | filter protocol ip pref 1 route fh 0x00058000 flowid 1:200 from 5 | filter protocol ip pref 1 route fh 0x00068000 flowid 1:300 from 6 | filter protocol ip pref 1 route fh 0x00078000 flowid 1:400 from 7 | filter protocol ip pref 1 route fh 0x00088000 flowid 1:500 from 8 | | As you can see the route classifier uses realm | 0x8000. | | <delete filters> | tc filter del dev lo pref 1 handle 0x00048000 route | tc filter del dev lo pref 1 handle 0x00058000 route | tc filter del dev lo pref 1 handle 0x00068000 route | tc filter del dev lo pref 1 handle 0x00078000 route | tc filter del dev lo pref 1 handle 0x00088000 route | | <show filters again> | filter protocol ip pref 1 route | | Only the container of the single filters is left. To destroy it, delete by | priority: "tc filter del dev lo pref 1". | | Hope that helps. | | Patrick | | |> I''ve tried this (supose classes 1:1 and 1:2 exist): |> |> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::10 u32 |> match ip src 10.10.10.10 flowid 1:1 |> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::11 u32 |> match ip src 10.10.10.11 flowid 1:2 |> |> and then: |> |> tc filter del dev eth1 parent 1: protocol ip prio 1 handle ::11 |> |> but both filter are deleted... |> |> Am I missing something? |> |> tks a lot... |> |> Andre |> | | | _______________________________________________ | LARTC mailing list / LARTC@mailman.ds9a.nl | http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ | | - -- - ------------------------------------------------------ Rodrigo P. Telles <telles@devel-it.com.br> Gerente de Projetos - http://www.devel-it.com.br Devel-IT - Uma empresa do Grupo TDKOM - ------------------------------------------------------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE//eiViLK8unYgEMQRAv1PAJ96witXRlYUwPW5fqDySWURu3VLcQCdGrx3 Ly6eZtiaSTtrWMrpPm9MxnQ=rhE2 -----END PGP SIGNATURE----- _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Lars, I knew that (I use this form, but with handle, it doesn''t work), but if what you said is truth, the folowing command would have work: tc filter del dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip src 10.10.10.10 flowid 1:12 RTNETLINK answers: No such file or directory |>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip src 10.10.10.11 flowid 1:12 What you thing about that ? Telles Lars Landmark wrote: | | Hi Rodrigo; | | When you add a new filter rule, you write "tc filter add .....". If you | now substitute add with del, you are able to delete the right filter | without any other filters being deleted. | | Hope this helps. | | Lars | | | On Thu, 8 Jan 2004, Rodrigo P. Telles wrote: | | |>-----BEGIN PGP SIGNED MESSAGE----- |>Hash: SHA1 |> |>Patrick, |> |>Based in your explanation, I tried that: |> |># adding root qdisc, class and filters |>tc qdisc add dev eth0 root handle 1: htb |>tc class add dev eth0 parent 1: classid 1:10 htb rate 768Kbit |>tc class add dev eth0 parent 1:1 classid 1:11 htb rate 512Kbit |>tc class add dev eth0 parent 1:1 classid 1:12 htb rate 256Kbit |> |>tc qdisc add dev eth0 parent 1:11 handle 11: sfq |>tc qdisc add dev eth0 parent 1:12 handle 12: sfq |> |>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::11 u32 match ip |>src 10.10.10.10 flowid 1:11 |>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip |>src 10.10.10.11 flowid 1:12 |> |># tc filter show dev eth0 |>filter parent 1: protocol ip pref 1 u32 |>filter parent 1: protocol ip pref 1 u32 fh 800: ht divisor 1 |>filter parent 1: protocol ip pref 1 u32 fh 800::11 order 17 key ht 800 bkt 0 |>flowid 1:11 |>~ match 0a0a0a0a/ffffffff at 12 |>filter parent 1: protocol ip pref 1 u32 fh 800::12 order 18 key ht 800 bkt 0 |>flowid 1:12 |>~ match 0a0a0a0b/ffffffff at 12 |> |># deleting a rule |>tc filter del dev eth0 parent 1:0 protocol ip prio 1 handle ::12 |>Must specify filter type when using "handle" |> |>Humm, I got back to LARTC Howto, but I can''t found anything about "filter type" ! |> |>What''s wrong ? |> |>Telles |> |> |>Patrick McHardy wrote: |>| Andre Correa wrote: |>| |>|> |>|> Patrick, tks for the info but I''m sure I got your idea. |>|> |>|> A filter handle is something like: "804::800" right? |>| |>| |>| Not exactly. How handles are handled depends on the classifier, |>| fw classifier for example uses its own handle to match the nfmark, |>| route creates handles of its own and errors if the handle supplied |>| from userspace differs. |>| |>| Maybe a example clears things up: |>| <add filters> |>| tc filter add dev lo protocol ip parent 1: pref 1 route from 4 flowid 1:100 |>| tc filter add dev lo protocol ip parent 1: pref 1 route from 5 flowid 1:200 |>| tc filter add dev lo protocol ip parent 1: pref 1 route from 6 flowid 1:300 |>| tc filter add dev lo protocol ip parent 1: pref 1 route from 7 flowid 1:400 |>| tc filter add dev lo protocol ip parent 1: pref 1 route from 8 flowid 1:500 |>| |>| <show filters> |>| filter protocol ip pref 1 route |>| filter protocol ip pref 1 route fh 0x00048000 flowid 1:100 from 4 |>| filter protocol ip pref 1 route fh 0x00058000 flowid 1:200 from 5 |>| filter protocol ip pref 1 route fh 0x00068000 flowid 1:300 from 6 |>| filter protocol ip pref 1 route fh 0x00078000 flowid 1:400 from 7 |>| filter protocol ip pref 1 route fh 0x00088000 flowid 1:500 from 8 |>| |>| As you can see the route classifier uses realm | 0x8000. |>| |>| <delete filters> |>| tc filter del dev lo pref 1 handle 0x00048000 route |>| tc filter del dev lo pref 1 handle 0x00058000 route |>| tc filter del dev lo pref 1 handle 0x00068000 route |>| tc filter del dev lo pref 1 handle 0x00078000 route |>| tc filter del dev lo pref 1 handle 0x00088000 route |>| |>| <show filters again> |>| filter protocol ip pref 1 route |>| |>| Only the container of the single filters is left. To destroy it, delete by |>| priority: "tc filter del dev lo pref 1". |>| |>| Hope that helps. |>| |>| Patrick |>| |>| |>|> I''ve tried this (supose classes 1:1 and 1:2 exist): |>|> |>|> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::10 u32 |>|> match ip src 10.10.10.10 flowid 1:1 |>|> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::11 u32 |>|> match ip src 10.10.10.11 flowid 1:2 |>|> |>|> and then: |>|> |>|> tc filter del dev eth1 parent 1: protocol ip prio 1 handle ::11 |>|> |>|> but both filter are deleted... |>|> |>|> Am I missing something? |>|> |>|> tks a lot... |>|> |>|> Andre |>|> |>| |>| |>| _______________________________________________ |>| LARTC mailing list / LARTC@mailman.ds9a.nl |>| http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ |>| |>| |> |>- -- |>- ------------------------------------------------------ |>Rodrigo P. Telles <telles@devel-it.com.br> |>Gerente de Projetos - http://www.devel-it.com.br |>Devel-IT - Uma empresa do Grupo TDKOM |>- ------------------------------------------------------ |>-----BEGIN PGP SIGNATURE----- |>Version: GnuPG v1.0.7 (GNU/Linux) |>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org |> |>iD8DBQE//eiViLK8unYgEMQRAv1PAJ96witXRlYUwPW5fqDySWURu3VLcQCdGrx3 |>Ly6eZtiaSTtrWMrpPm9MxnQ|>=rhE2 |>-----END PGP SIGNATURE----- |> |>_______________________________________________ |>LARTC mailing list / LARTC@mailman.ds9a.nl |>http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ |> | | | - -- - ------------------------------------------------------ Rodrigo P. Telles <telles@devel-it.com.br> Gerente de Projetos - http://www.devel-it.com.br Devel-IT - Uma empresa do Grupo TDKOM - ------------------------------------------------------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE//oZRiLK8unYgEMQRArqRAJwN4Ho/a7sQHVQAejb32iIdNbKYqACdG7kI C+1AYYFiTKvXabVcluSnR6E=C9Xe -----END PGP SIGNATURE----- _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hi; no clue :-( May I ask why you are using "handle" and not "parent" since HTB is used? And what eventually are the differences? Lars> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Lars, > > I knew that (I use this form, but with handle, it doesn''t work), but if what you > said is truth, the folowing command would have work: > > tc filter del dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip > src 10.10.10.10 flowid 1:12 > RTNETLINK answers: No such file or directory > > |>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip > src 10.10.10.11 flowid 1:12 > > What you thing about that ? > > Telles > > Lars Landmark wrote: > | > | Hi Rodrigo; > | > | When you add a new filter rule, you write "tc filter add .....". If you > | now substitute add with del, you are able to delete the right filter > | without any other filters being deleted. > | > | Hope this helps. > | > | Lars > | > | > | On Thu, 8 Jan 2004, Rodrigo P. Telles wrote: > | > | > |>-----BEGIN PGP SIGNED MESSAGE----- > |>Hash: SHA1 > |> > |>Patrick, > |> > |>Based in your explanation, I tried that: > |> > |># adding root qdisc, class and filters > |>tc qdisc add dev eth0 root handle 1: htb > |>tc class add dev eth0 parent 1: classid 1:10 htb rate 768Kbit > |>tc class add dev eth0 parent 1:1 classid 1:11 htb rate 512Kbit > |>tc class add dev eth0 parent 1:1 classid 1:12 htb rate 256Kbit > |> > |>tc qdisc add dev eth0 parent 1:11 handle 11: sfq > |>tc qdisc add dev eth0 parent 1:12 handle 12: sfq > |> > |>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::11 u32 match ip > |>src 10.10.10.10 flowid 1:11 > |>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip > |>src 10.10.10.11 flowid 1:12 > |> > |># tc filter show dev eth0 > |>filter parent 1: protocol ip pref 1 u32 > |>filter parent 1: protocol ip pref 1 u32 fh 800: ht divisor 1 > |>filter parent 1: protocol ip pref 1 u32 fh 800::11 order 17 key ht 800 bkt 0 > |>flowid 1:11 > |>~ match 0a0a0a0a/ffffffff at 12 > |>filter parent 1: protocol ip pref 1 u32 fh 800::12 order 18 key ht 800 bkt 0 > |>flowid 1:12 > |>~ match 0a0a0a0b/ffffffff at 12 > |> > |># deleting a rule > |>tc filter del dev eth0 parent 1:0 protocol ip prio 1 handle ::12 > |>Must specify filter type when using "handle" > |> > |>Humm, I got back to LARTC Howto, but I can''t found anything about "filter type" ! > |> > |>What''s wrong ? > |> > |>Telles > |> > |> > |>Patrick McHardy wrote: > |>| Andre Correa wrote: > |>| > |>|> > |>|> Patrick, tks for the info but I''m sure I got your idea. > |>|> > |>|> A filter handle is something like: "804::800" right? > |>| > |>| > |>| Not exactly. How handles are handled depends on the classifier, > |>| fw classifier for example uses its own handle to match the nfmark, > |>| route creates handles of its own and errors if the handle supplied > |>| from userspace differs. > |>| > |>| Maybe a example clears things up: > |>| <add filters> > |>| tc filter add dev lo protocol ip parent 1: pref 1 route from 4 flowid 1:100 > |>| tc filter add dev lo protocol ip parent 1: pref 1 route from 5 flowid 1:200 > |>| tc filter add dev lo protocol ip parent 1: pref 1 route from 6 flowid 1:300 > |>| tc filter add dev lo protocol ip parent 1: pref 1 route from 7 flowid 1:400 > |>| tc filter add dev lo protocol ip parent 1: pref 1 route from 8 flowid 1:500 > |>| > |>| <show filters> > |>| filter protocol ip pref 1 route > |>| filter protocol ip pref 1 route fh 0x00048000 flowid 1:100 from 4 > |>| filter protocol ip pref 1 route fh 0x00058000 flowid 1:200 from 5 > |>| filter protocol ip pref 1 route fh 0x00068000 flowid 1:300 from 6 > |>| filter protocol ip pref 1 route fh 0x00078000 flowid 1:400 from 7 > |>| filter protocol ip pref 1 route fh 0x00088000 flowid 1:500 from 8 > |>| > |>| As you can see the route classifier uses realm | 0x8000. > |>| > |>| <delete filters> > |>| tc filter del dev lo pref 1 handle 0x00048000 route > |>| tc filter del dev lo pref 1 handle 0x00058000 route > |>| tc filter del dev lo pref 1 handle 0x00068000 route > |>| tc filter del dev lo pref 1 handle 0x00078000 route > |>| tc filter del dev lo pref 1 handle 0x00088000 route > |>| > |>| <show filters again> > |>| filter protocol ip pref 1 route > |>| > |>| Only the container of the single filters is left. To destroy it, delete by > |>| priority: "tc filter del dev lo pref 1". > |>| > |>| Hope that helps. > |>| > |>| Patrick > |>| > |>| > |>|> I''ve tried this (supose classes 1:1 and 1:2 exist): > |>|> > |>|> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::10 u32 > |>|> match ip src 10.10.10.10 flowid 1:1 > |>|> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::11 u32 > |>|> match ip src 10.10.10.11 flowid 1:2 > |>|> > |>|> and then: > |>|> > |>|> tc filter del dev eth1 parent 1: protocol ip prio 1 handle ::11 > |>|> > |>|> but both filter are deleted... > |>|> > |>|> Am I missing something? > |>|> > |>|> tks a lot... > |>|> > |>|> Andre > |>|> > |>| > |>| > |>| _______________________________________________ > |>| LARTC mailing list / LARTC@mailman.ds9a.nl > |>| http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > |>| > |>| > |> > |>- -- > |>- ------------------------------------------------------ > |>Rodrigo P. Telles <telles@devel-it.com.br> > |>Gerente de Projetos - http://www.devel-it.com.br > |>Devel-IT - Uma empresa do Grupo TDKOM > |>- ------------------------------------------------------ > |>-----BEGIN PGP SIGNATURE----- > |>Version: GnuPG v1.0.7 (GNU/Linux) > |>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > |> > |>iD8DBQE//eiViLK8unYgEMQRAv1PAJ96witXRlYUwPW5fqDySWURu3VLcQCdGrx3 > |>Ly6eZtiaSTtrWMrpPm9MxnQ> |>=rhE2 > |>-----END PGP SIGNATURE----- > |> > |>_______________________________________________ > |>LARTC mailing list / LARTC@mailman.ds9a.nl > |>http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > |> > | > | > | > > - -- > - ------------------------------------------------------ > Rodrigo P. Telles <telles@devel-it.com.br> > Gerente de Projetos - http://www.devel-it.com.br > Devel-IT - Uma empresa do Grupo TDKOM > - ------------------------------------------------------ > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.7 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQE//oZRiLK8unYgEMQRArqRAJwN4Ho/a7sQHVQAejb32iIdNbKYqACdG7kI > C+1AYYFiTKvXabVcluSnR6E> =C9Xe > -----END PGP SIGNATURE----- > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ >_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Lars, It''s about the discussion of "deleting filter rules", and this "method" (using handle) was explaned by Patrick (see the list history). Telles Lars Landmark wrote: | Hi; | | no clue :-( | May I ask why you are using "handle" and not "parent" since HTB is used? | And what eventually are the differences? | | Lars | | | |>-----BEGIN PGP SIGNED MESSAGE----- |>Hash: SHA1 |> |>Lars, |> |>I knew that (I use this form, but with handle, it doesn''t work), but if what you |>said is truth, the folowing command would have work: |> |>tc filter del dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip |>src 10.10.10.10 flowid 1:12 |>RTNETLINK answers: No such file or directory |> |>|>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip |>src 10.10.10.11 flowid 1:12 |> |>What you thing about that ? |> |>Telles |> |>Lars Landmark wrote: |>| |>| Hi Rodrigo; |>| |>| When you add a new filter rule, you write "tc filter add .....". If you |>| now substitute add with del, you are able to delete the right filter |>| without any other filters being deleted. |>| |>| Hope this helps. |>| |>| Lars |>| |>| |>| On Thu, 8 Jan 2004, Rodrigo P. Telles wrote: |>| |>| |>|>-----BEGIN PGP SIGNED MESSAGE----- |>|>Hash: SHA1 |>|> |>|>Patrick, |>|> |>|>Based in your explanation, I tried that: |>|> |>|># adding root qdisc, class and filters |>|>tc qdisc add dev eth0 root handle 1: htb |>|>tc class add dev eth0 parent 1: classid 1:10 htb rate 768Kbit |>|>tc class add dev eth0 parent 1:1 classid 1:11 htb rate 512Kbit |>|>tc class add dev eth0 parent 1:1 classid 1:12 htb rate 256Kbit |>|> |>|>tc qdisc add dev eth0 parent 1:11 handle 11: sfq |>|>tc qdisc add dev eth0 parent 1:12 handle 12: sfq |>|> |>|>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::11 u32 match ip |>|>src 10.10.10.10 flowid 1:11 |>|>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip |>|>src 10.10.10.11 flowid 1:12 |>|> |>|># tc filter show dev eth0 |>|>filter parent 1: protocol ip pref 1 u32 |>|>filter parent 1: protocol ip pref 1 u32 fh 800: ht divisor 1 |>|>filter parent 1: protocol ip pref 1 u32 fh 800::11 order 17 key ht 800 bkt 0 |>|>flowid 1:11 |>|>~ match 0a0a0a0a/ffffffff at 12 |>|>filter parent 1: protocol ip pref 1 u32 fh 800::12 order 18 key ht 800 bkt 0 |>|>flowid 1:12 |>|>~ match 0a0a0a0b/ffffffff at 12 |>|> |>|># deleting a rule |>|>tc filter del dev eth0 parent 1:0 protocol ip prio 1 handle ::12 |>|>Must specify filter type when using "handle" |>|> |>|>Humm, I got back to LARTC Howto, but I can''t found anything about "filter type" ! |>|> |>|>What''s wrong ? |>|> |>|>Telles |>|> |>|> |>|>Patrick McHardy wrote: |>|>| Andre Correa wrote: |>|>| |>|>|> |>|>|> Patrick, tks for the info but I''m sure I got your idea. |>|>|> |>|>|> A filter handle is something like: "804::800" right? |>|>| |>|>| |>|>| Not exactly. How handles are handled depends on the classifier, |>|>| fw classifier for example uses its own handle to match the nfmark, |>|>| route creates handles of its own and errors if the handle supplied |>|>| from userspace differs. |>|>| |>|>| Maybe a example clears things up: |>|>| <add filters> |>|>| tc filter add dev lo protocol ip parent 1: pref 1 route from 4 flowid 1:100 |>|>| tc filter add dev lo protocol ip parent 1: pref 1 route from 5 flowid 1:200 |>|>| tc filter add dev lo protocol ip parent 1: pref 1 route from 6 flowid 1:300 |>|>| tc filter add dev lo protocol ip parent 1: pref 1 route from 7 flowid 1:400 |>|>| tc filter add dev lo protocol ip parent 1: pref 1 route from 8 flowid 1:500 |>|>| |>|>| <show filters> |>|>| filter protocol ip pref 1 route |>|>| filter protocol ip pref 1 route fh 0x00048000 flowid 1:100 from 4 |>|>| filter protocol ip pref 1 route fh 0x00058000 flowid 1:200 from 5 |>|>| filter protocol ip pref 1 route fh 0x00068000 flowid 1:300 from 6 |>|>| filter protocol ip pref 1 route fh 0x00078000 flowid 1:400 from 7 |>|>| filter protocol ip pref 1 route fh 0x00088000 flowid 1:500 from 8 |>|>| |>|>| As you can see the route classifier uses realm | 0x8000. |>|>| |>|>| <delete filters> |>|>| tc filter del dev lo pref 1 handle 0x00048000 route |>|>| tc filter del dev lo pref 1 handle 0x00058000 route |>|>| tc filter del dev lo pref 1 handle 0x00068000 route |>|>| tc filter del dev lo pref 1 handle 0x00078000 route |>|>| tc filter del dev lo pref 1 handle 0x00088000 route |>|>| |>|>| <show filters again> |>|>| filter protocol ip pref 1 route |>|>| |>|>| Only the container of the single filters is left. To destroy it, delete by |>|>| priority: "tc filter del dev lo pref 1". |>|>| |>|>| Hope that helps. |>|>| |>|>| Patrick |>|>| |>|>| |>|>|> I''ve tried this (supose classes 1:1 and 1:2 exist): |>|>|> |>|>|> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::10 u32 |>|>|> match ip src 10.10.10.10 flowid 1:1 |>|>|> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::11 u32 |>|>|> match ip src 10.10.10.11 flowid 1:2 |>|>|> |>|>|> and then: |>|>|> |>|>|> tc filter del dev eth1 parent 1: protocol ip prio 1 handle ::11 |>|>|> |>|>|> but both filter are deleted... |>|>|> |>|>|> Am I missing something? |>|>|> |>|>|> tks a lot... |>|>|> |>|>|> Andre |>|>|> |>|>| |>|>| |>|>| _______________________________________________ |>|>| LARTC mailing list / LARTC@mailman.ds9a.nl |>|>| http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ |>|>| |>|>| |>|> |>|>- -- |>|>- ------------------------------------------------------ |>|>Rodrigo P. Telles <telles@devel-it.com.br> |>|>Gerente de Projetos - http://www.devel-it.com.br |>|>Devel-IT - Uma empresa do Grupo TDKOM |>|>- ------------------------------------------------------ |>|>-----BEGIN PGP SIGNATURE----- |>|>Version: GnuPG v1.0.7 (GNU/Linux) |>|>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org |>|> |>|>iD8DBQE//eiViLK8unYgEMQRAv1PAJ96witXRlYUwPW5fqDySWURu3VLcQCdGrx3 |>|>Ly6eZtiaSTtrWMrpPm9MxnQ|>|>=rhE2 |>|>-----END PGP SIGNATURE----- |>|> |>|>_______________________________________________ |>|>LARTC mailing list / LARTC@mailman.ds9a.nl |>|>http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ |>|> |>| |>| |>| |> |>- -- |>- ------------------------------------------------------ |>Rodrigo P. Telles <telles@devel-it.com.br> |>Gerente de Projetos - http://www.devel-it.com.br |>Devel-IT - Uma empresa do Grupo TDKOM |>- ------------------------------------------------------ |>-----BEGIN PGP SIGNATURE----- |>Version: GnuPG v1.0.7 (GNU/Linux) |>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org |> |>iD8DBQE//oZRiLK8unYgEMQRArqRAJwN4Ho/a7sQHVQAejb32iIdNbKYqACdG7kI |>C+1AYYFiTKvXabVcluSnR6E|>=C9Xe |>-----END PGP SIGNATURE----- |> |>_______________________________________________ |>LARTC mailing list / LARTC@mailman.ds9a.nl |>http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ |> | | _______________________________________________ | LARTC mailing list / LARTC@mailman.ds9a.nl | http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ | | - -- - ------------------------------------------------------ Rodrigo P. Telles <telles@devel-it.com.br> Gerente de Projetos - http://www.devel-it.com.br Devel-IT - Uma empresa do Grupo TDKOM - ------------------------------------------------------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE//pAUiLK8unYgEMQRAjeLAJ9ZCyPiKNcoENEgcCvfzIF1wJ2IlgCfel0D BmAJ97csB8BxXywGwmLVrDM=JpSS -----END PGP SIGNATURE----- _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
The matter here is not really about using parent or handle (wich I''m still not confortable with), but it is about the way a filter should be deleted. In situations like mine I cannot just delete filters by parent, because parent qdiscs have dozens of child classes each one with a filter poiting to it. If I have to "disable a customer", for example, I need to delete its classes and consequently its filters, and today it is not possible. Using Rodrigo''s trick with prio is doing the job, but doesn''t look like the right way to do it. I''m not involved in tc, HTB or any other kernel-related development but in my user point of view the sintax to add and delete filters should be the same and when I delete a filter just that specific filter should be delete, not all those that have the same prio. Maybe there was some important problem during development that made it difficult or impossible to be this way, we don''t know yet... Just getting back to the basic sitation, when I try (supose classes 1:1 and 1:2 exist): tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::10 u32 match ip src 10.10.10.10 flowid 1:1 tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::11 u32 match ip src 10.10.10.11 flowid 1:2 and then: tc filter del dev eth1 parent 1: protocol ip prio 1 handle ::11 both filter are deleted... and it is supposed to delete just the second filter. With or without handle the same result is reproducible in my setup and in Rodrigo''s too. Anybody else have the same behavior or it is just us? My kernel is 2.4.23. Anyway filters are still a bit difficult to fully understand. There are too many undocumented options that should be described in Advanced-Routing-HOWTO or somewhere else... Where is the active development of tc going on for 2.4? May we report it as a bug there? Is the Advanced-Routing-Howto being updated? I would like to help with it... tc is doing such a good job here that I want to give something back to the community... tks in advance... Andre Rodrigo P. Telles wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Lars, > > It''s about the discussion of "deleting filter rules", and this "method" > (using > handle) was explaned by Patrick (see the list history). > > Telles > > Lars Landmark wrote: > | Hi; > | > | no clue :-( > | May I ask why you are using "handle" and not "parent" since HTB is used? > | And what eventually are the differences? > | > | Lars > | > | > | > |>-----BEGIN PGP SIGNED MESSAGE----- > |>Hash: SHA1 > |> > |>Lars, > |> > |>I knew that (I use this form, but with handle, it doesn''t work), but > if what you > |>said is truth, the folowing command would have work: > |> > |>tc filter del dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 > match ip > |>src 10.10.10.10 flowid 1:12 > |>RTNETLINK answers: No such file or directory > |> > |>|>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 > match ip > |>src 10.10.10.11 flowid 1:12 > |> > |>What you thing about that ? > |> > |>Telles > |>_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hi list, I''ve got a private e-mail from O. Brewer pointing something important that we hadn''t figured out yet: tc qdisc del dev eth1 root tc qdisc add dev eth1 root handle 1:0 htb tc class add dev eth1 parent 1:0 classid 1:1 htb rate 1mbit tc class add dev eth1 parent 1:0 classid 1:2 htb rate 1mbit tc filter add dev eth1 parent 1:0 protocol ip prio 1 handle ::10 u32 match ip src 10.10.10.10 classid 1:1 tc filter add dev eth1 parent 1:0 protocol ip prio 1 handle ::11 u32 match ip src 10.10.10.11 classid 1:2 tc -r filter show dev eth1 parent 1: filter protocol ip pref 1 u32 filter protocol ip pref 1 u32 fh 800:[80000000] ht divisor 1 filter protocol ip pref 1 u32 fh 800::10[80000010] order 16 key ht 800 bkt 0 flowid 1:1 match 0a0a0a0a/ffffffff at 12 filter protocol ip pref 1 u32 fh 800::11[80000011] order 17 key ht 800 bkt 0 flowid 1:2 match 0a0a0a0b/ffffffff at 12 tc filter del dev eth1 parent 1: protocol ip prio 1 handle 800::11 u32 tc -r filter show dev eth1 parent 1: filter protocol ip pref 1 u32 filter protocol ip pref 1 u32 fh 800:[80000000] ht divisor 1 filter protocol ip pref 1 u32 fh 800::10[80000010] order 16 key ht 800 bkt 0 flowid 1:1 match 0a0a0a0a/ffffffff at 12 as we expect... So we figure out that using handle and u32 in the end of our command line works fine. Good... There is still a lot of trouble to figure out what is the value of handle XXX::yy when it is a script that manages filters, but it is better then nothing... tks for pointing this out Orlie... Anybody else replicated the behavior? Does anybody know is tc development is taking place? tks a lot... Andre _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Rodrigo P. Telles
2004-Jan-10 22:06 UTC
Re: Some good news - Strange behavior deleting filters
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Andre, Very good, I tried that too and its work :-) Note: I''m using kernel 2.4.21. Telles Andre Correa wrote: | | Hi list, | | I''ve got a private e-mail from O. Brewer pointing something important | that we hadn''t figured out yet: | | tc qdisc del dev eth1 root | tc qdisc add dev eth1 root handle 1:0 htb | tc class add dev eth1 parent 1:0 classid 1:1 htb rate 1mbit | tc class add dev eth1 parent 1:0 classid 1:2 htb rate 1mbit | tc filter add dev eth1 parent 1:0 protocol ip prio 1 handle ::10 u32 | match ip src 10.10.10.10 classid 1:1 | tc filter add dev eth1 parent 1:0 protocol ip prio 1 handle ::11 u32 | match ip src 10.10.10.11 classid 1:2 | | | tc -r filter show dev eth1 parent 1: | filter protocol ip pref 1 u32 filter protocol ip pref 1 u32 fh | 800:[80000000] ht divisor 1 filter protocol ip pref 1 u32 fh | 800::10[80000010] order 16 key ht 800 bkt 0 flowid 1:1 match | 0a0a0a0a/ffffffff at 12 | filter protocol ip pref 1 u32 fh 800::11[80000011] order 17 key ht 800 | bkt 0 flowid 1:2 match 0a0a0a0b/ffffffff at 12 | | tc filter del dev eth1 parent 1: protocol ip prio 1 handle 800::11 u32 | | tc -r filter show dev eth1 parent 1: | filter protocol ip pref 1 u32 filter protocol ip pref 1 u32 fh | 800:[80000000] ht divisor 1 filter protocol ip pref 1 u32 fh | 800::10[80000010] order 16 key ht 800 bkt 0 flowid 1:1 match | 0a0a0a0a/ffffffff at 12 | | as we expect... | | So we figure out that using handle and u32 in the end of our command | line works fine. Good... There is still a lot of trouble to figure out | what is the value of handle XXX::yy when it is a script that manages | filters, but it is better then nothing... | | tks for pointing this out Orlie... | | Anybody else replicated the behavior? Does anybody know is tc | development is taking place? | | tks a lot... | | Andre | _______________________________________________ | LARTC mailing list / LARTC@mailman.ds9a.nl | http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ | | - -- - ------------------------------------------------------ Rodrigo P. Telles <telles@devel-it.com.br> Gerente de Projetos - http://www.devel-it.com.br Devel-IT - Uma empresa do Grupo TDKOM - ------------------------------------------------------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFAAHdyiLK8unYgEMQRAnpvAJ9jyj2AJJDwrPZLdJMnXiuIJ4qqyQCePOjC XLtX5GIX2SnByWadnTU1QwQ=zlOC -----END PGP SIGNATURE----- _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/