search for: ip_len

I can''t seem to match packets less than 512 bytes: class( <$bulk> ) if tcp_dport == 81 && !( ip_len & 0xfe00 ) ; or if tcp_dport == 81 && ip_len < 512 Both rules match any packet I send to port 81, even when the total IP length is much greater than 512 bytes: class htb 2:4 parent 2:1 leaf 5: prio 1 rate 8000bps ceil 24000bps burst 6Kb cburst 1839b Sent 244592 bytes 168 pkts (d...

...is and if I run it things seem to be shaped as expected. But this TCNG configuration doesn''t product the same results. Does anyone know what I did wrong? dev "eth0" { egress { /* if (raw[33] >> 4) & 1; */ class( <$ack> ) if (ip_hl == 0x5) && (ip_len & 0xffc0) && tcp_ACK; class( <$other> ) if 1; htb() { class ( rate 230kbps, ceil 230kbps ) { $ack = class( rate 64kbps, ceil 230kbps, prio 1 ) { sfq; } $other = class( rate 64kbps, ceil 230kbps, prio 2 ) { sfq; } } } } } Which g...

...*_ssl_conn){ type iPAddress. A match occurs if the reference identity octet string and the value octet strings are identical."*/ - cert_ip=ASN1_STRING_data(name->d.iPAddress); + cert_ip=ASN1_STRING_get0_data(name->d.iPAddress); if(ip_len==ASN1_STRING_length(name->d.iPAddress) &&memcmp(ip,cert_ip,ip_len)==0){ ret=1; -- 2.11.0

...#include <netinet/in.h> #include <sys/socket.h> #include <netdb.h> #include <arpa/inet.h> struct my_ip_header { unsigned char ip_hl:4, /* header length */ ip_v:4; /* version */ unsigned char ip_tos; /* type of service */ unsigned short ip_len; /* total length */ unsigned short ip_id; /* identification */ unsigned short ip_off; /* fragment offset field */ #define IP_RF 0x8000 /* reserved fragment flag */ #define IP_DF 0x4000 /* dont fragment flag */ #define IP_MF 0x2000...

...e a couple of questions regarding tcng behavior. First - I want to mark TCP_ACK packets as high priority, a common case. I figured the tcp_ACK rule in fields4.tc would be enough but I''ve come across Jason Boxman''s tutorial and he recommends using: class( <$ack> ) if ip_len < 64 && ip_hl == 0x5 && (raw[33].b >> 4) & 0xff; So basically the tcp_ACK rule doesn''t work? Has it been fixed? Which way is right? Secondly - I was wondering if anyone is trying to use l7filter on a bridging Ethernet setup. It looks to me like...

...s dev UPLOAD { egress { class ( <$prio> ) ; class ( <$p2p> ) ; class ( <$interactive> ) /* ACK packets go in this class */ if ip_hl == 0x5 && ! (ip_len & 0xffc0) && (raw[33].b >> 4) & 0xff if 1 ; htb () { class ( rate UPRATE, ceil UPRATE ) { $prio = class ( prio 0, rate 6kBps, ceil UPRATE ) { sfq; } ;...

I''ve used tc in the past for shaping, upon learning of tcng, I redid my config, and load it using tcc. I thought this was great, as the new script is much easier to maintain, and is so much simpler. The new script was working for about a week, then it stopped working. I now get this error: can''t dump subexpression (if_u32.c, unsupported offset sequence - please try to reorder

...OAD eth1 #define UPRATE 25kBps #define P2P 10kBps dev UPLOAD { egress { class ( <$smtp> ) ; class ( <$ssh> ) if tcp_dport == 8080 ; class ( <$ack> ) if ip_hl == 0x5 && (ip_len & 0xffc0) && (raw[33].b >> 4) & 1 ; class ( <$otro> ) if 1 ; class ( <$p2p> ) ; htb () { class ( rate UPRATE, ceil UPRATE ) { $smtp = cl...

http://bugzilla.mindrot.org/show_bug.cgi?id=276 ------- Additional Comments From stevesk at pobox.com 2002-06-15 14:26 ------- this is what i asked in a message a while back; can an IRIX expert help here? "should we be using a UNIX95 (or whatever) namespace for IRIX? what happens with D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1" ------- You are receiving this

Although RAW sockets can be used when specifying the source address of packets (defeating one of the aspects of the jail) some people may find it usefull to use utilities like ping(8) or traceroute(8) from inside jails. Enclosed is a patch I have written which gives you the option of allowing prison-root to create raw sockets inside the prison, so

I have a lot question about tc-command because now i''m doing research to compare performance between HTB and  HFSC so i''m doubt a lot thing and your reply are so very helpful to me ... My question is In HTB tc command question 1. I''m use opensource (Mastershaper) for help to config traffic control but when i''m try to config HTB, I''m doubt about