Hi all... How do i set U32 to filter a port range, instead of a single port? In normal use: source port 80 we use: "... match ip sport 80 0xffff ..." - I know that is something about the 0xffff parameter.... I need to filter ports 1 ~ 1024 to a higher priority class... i tried with IPTABLES MARK and TC FW, but it''s not working.... (...) # iptables -t mangle -A PREROUTING -p tcp -sport 10:1024 -j MARK --set-mark 2 # tc filter add dev eth1 protocol ip parent 1:0 prio 1 handle 2 fw classid 1:1 (...) ------------------------------------------ Use o melhor sistema de busca da Internet Radar UOL - http://www.radaruol.com.br _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tuesday 05 October 2004 13:06, gt90bh@zipmail.com.br wrote:> - I know that is something about the 0xffff parameter....I guess it is some kind of bitmask and works similarly to a netmask. If you only want to categorise traffic from port 1-1024, using "sport 0 0xfbff" *might* work, though I am not sure about that. Some core QoS developers on the kernel may give you more insight than I am able to do. But you can still try it, better than nothing :). - -- Thilo Schulz My public PGP key is available at http://home.bawue.de/~arny/public_key.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFBYq6JZx4hBtWQhl4RAsKvAKDVX5mv6HurtkNCuTqt8RNZg1lUTQCeP5NS TF7X0Qhn7GkIXhnviZ2rQTw=L6y/ -----END PGP SIGNATURE----- _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 oops it''s rather "sport 0 0xfc00" than "sport 0 0xfbff" if it worked the way I think it would. - -- Thilo Schulz My public PGP key is available at http://home.bawue.de/~arny/public_key.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFBY9qtZx4hBtWQhl4RAtvCAJ41eu0Obnx0GjA6g1/krgQ+6ovXCACfZLVL S0c0r0rvd6zZJSuzjy0S2Kw=XmFZ -----END PGP SIGNATURE----- _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Thanks a lot man, but it didn''t work...
Any other clue?
Where is the official web site of U32?
Thanks,
LEANDRO TRAVAGLIA
----- Original Message -----
From: "Thilo Schulz" <arny@ats.s.bawue.de>
To: <lartc@mailman.ds9a.nl>
Sent: Tuesday, October 05, 2004 11:24 AM
Subject: Re: [LARTC] U32 Port Range
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Tuesday 05 October 2004 13:06, gt90bh@zipmail.com.br wrote:
> > - I know that is something about the 0xffff parameter....
>
> I guess it is some kind of bitmask and works similarly to a netmask. If
you> only want to categorise traffic from port 1-1024, using "sport 0
0xfbff"
> *might* work, though I am not sure about that. Some core QoS developers
on> the kernel may give you more insight than I am able to do. But you can
still> try it, better than nothing :).
>
> - --
> Thilo Schulz
>
> My public PGP key is available at
http://home.bawue.de/~arny/public_key.asc> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.4 (GNU/Linux)
>
> iD8DBQFBYq6JZx4hBtWQhl4RAsKvAKDVX5mv6HurtkNCuTqt8RNZg1lUTQCeP5NS
> TF7X0Qhn7GkIXhnviZ2rQTw> =L6y/
> -----END PGP SIGNATURE-----
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.773 / Virus Database: 520 - Release Date: 05/10/04
------------------------------------------
Use o melhor sistema de busca da Internet
Radar UOL - http://www.radaruol.com.br
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
* gt90bh@zipmail.com.br <4163A6050000058C@www.zipmail.com.br> 2004-10-06 10:27> Thanks a lot man, but it didn''t work... > Any other clue?sport 0 0xF800 0xF800 is ~(1024+1), therefore it only matches if none of the upper bits are set. _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/