LARTC - Feb 2005 - What does flowid:1 mean here?

Hi,
     I got the following lines from ''Linux Advanced Routing &
Traffice Control HOWTO'' and got confused!
 
     iptables -A PREROUTING -i $INDEV -t mangle -p tcp --syn \
     -j MARK --set-mark 1
     tc qdisc add dev $INDEV handle ffff: ingress
     tc filter add dev $INDEV parent ffff: protocol ip prio 50 handle 1 fw \
     police rate 1kbit burst 40 mtu 9k drop flowid :1
 
     Does the second command mean that the filter will police the traffic of syn
to 1kbit by dropping? What does flowid:1 mean here?
 
Thanks in advance.
CcM



---------------------------------
Do You Yahoo!?
注册世界一流品质的雅虎免费电邮
--0-1121976442-1107411117=:51972
Content-Type: text/html; charset=gb2312
Content-Transfer-Encoding: 8bit

<DIV>Hi,</DIV>
<DIV>&nbsp;&nbsp;&nbsp;&nbsp; I got the following lines
from ''Linux Advanced Routing &amp; Traffice Control HOWTO''
and got confused!</DIV>
<DIV>&nbsp;</DIV>
<DIV>&nbsp;&nbsp;&nbsp;&nbsp; <EM>iptables -A
PREROUTING -i $INDEV -t mangle -p tcp --syn
\<BR>&nbsp;&nbsp;&nbsp;&nbsp; -j MARK --set-mark
1</EM></DIV>
<DIV>&nbsp;&nbsp;&nbsp;&nbsp;<EM> tc&nbsp;qdisc
add dev $INDEV handle ffff:
ingress<BR>&nbsp;&nbsp;&nbsp;&nbsp; tc&nbsp;filter add
dev $INDEV parent ffff: protocol ip prio 50 handle 1 fw
\<BR>&nbsp;&nbsp;&nbsp;&nbsp; police rate 1kbit burst 40
mtu 9k drop flowid :1</EM></DIV>
<DIV><EM></EM>&nbsp;</DIV>
<DIV>&nbsp;&nbsp;&nbsp;&nbsp; Does the second command mean
that the filter will police the traffic of syn to 1kbit by dropping? What does
flowid:1 mean here?</DIV>
<DIV>&nbsp;</DIV>
<DIV>Thanks in advance.</DIV>
<DIV>CcM</DIV><p><br><hr size=1>
<b>Do You Yahoo!?</b><br>
<a
href="http://cn.rd.yahoo.com/mail_cn/tag/1g/*http://cn.mail.yahoo.com/"
target=blank>注册世界一流品质的雅虎免费电邮</a>
--0-1121976442-1107411117=:51972--
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

On Thursday 03 February 2005 07:11, CcM wrote:
> Hi,
>      I got the following lines from ''Linux Advanced Routing &
Traffice
> Control HOWTO'' and got confused!
>
>      iptables -A PREROUTING -i $INDEV -t mangle -p tcp --syn \
>      -j MARK --set-mark 1
>      tc qdisc add dev $INDEV handle ffff: ingress
>      tc filter add dev $INDEV parent ffff: protocol ip prio 50 handle 1 fw
> \ police rate 1kbit burst 40 mtu 9k drop flowid :1
>
>      Does the second command mean that the filter will police the traffic
> of syn to 1kbit by dropping? What does flowid:1 mean here?
It means that all traffic that''s under 1kbit, will be send to class :1
(or
long notation: ffff:1).  All traffic above 1kbit will be dropped.


Stef
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/