Davide Corio wrote:> > Yes, 3.0.5-1 from Debian Etch >Here is the command that failed: ERROR: Command "tc filter add dev eth0 parent ffff: protocol ip prio 50 u32 match ip src 0.0.0.0/0 police rate 1024000kbit burst 10k drop flowid :1" Failed It requires modules: sch_htb (which you must have since earlier commands using htb succeeded) cls_u32 act_police For later commands, you are also going to need: sch_sfq -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Il giorno dom, 21/05/2006 alle 08.59 -0700, Tom Eastep ha scritto:> It requires modules: > > sch_htb (which you must have since earlier commands using htb > succeeded) > cls_u32 > act_policeYes :) I didn''t have act_police compiled in The problem is the standard Xen kernel, it includes only the strict necessary Now i''m facing this other problem :( *************************************************************************** + run_iptables -t mangle -A tcpost -o eth0 -m mark --mark 1 -j CLASSIFY --set-class 1:11 + ''['' -n Yes '']'' + ''['' -f /tmp/shorewall.4brUHM/physdev '']'' + ''['' -n Yes '']'' + ''['' -f /tmp/shorewall.4brUHM/iprange '']'' + /sbin/iptables -t mangle -A tcpost -o eth0 -m mark --mark 1 -j CLASSIFY --set-class 1:11 iptables: No chain/target/match by that name + ''['' -z '''' '']'' + error_message ''ERROR: Command "/sbin/iptables -t'' mangle -A tcpost -o eth0 -m mark --mark 1 -j CLASSIFY --set-class ''1:11" Failed'' ************************************************************************** I''m googling over this, but it seems to be only a problem of mine -- Davide Corio davide.corio@redomino.com Redomino S.r.l. C.so Monte Grappa 90/b - 10145 Torino - Italy Tel: +39 011 19502871 - Fax: +39 011 19791122 - http://www.redomino.com/
Davide Corio wrote:> + error_message ''ERROR: Command "/sbin/iptables -t'' mangle -A tcpost -o > eth0 -m mark --mark 1 -j CLASSIFY --set-class ''1:11" Failed'' > ************************************************************************** > > I''m googling over this, but it seems to be only a problem of mine >Missing mark match support or missing CLASSIFY target support. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Il giorno dom, 21/05/2006 alle 18.53 +0200, Davide Corio ha scritto:> + error_message ''ERROR: Command "/sbin/iptables -t'' mangle -A tcpost -o > eth0 -m mark --mark 1 -j CLASSIFY --set-class ''1:11" Failed'' > **************************************************************************solved: missed ipt_mark -- Davide Corio davide.corio@redomino.com Redomino S.r.l. C.so Monte Grappa 90/b - 10145 Torino - Italy Tel: +39 011 19502871 - Fax: +39 011 19791122 - http://www.redomino.com/