Google
  Web www.spinics.net

Re: tc u32 match !port

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


Salatiel Filho wrote:
How can i redirect all traffic that not come from port 80 to a flow ?

i was thing about some like

tc filter add dev imq1 parent 1: protocol ip prio 7 u32 match ip sport
!80 ......

But this not work.

Another doubt, if i have two rules that intersects , for example ,
one filter with u32 match ip src 10.10.10.10 flowid 1:10
and other with u32 match sport 80 0xffff flowid 1:11 , which one will
work in case of a packet to 10.10.10.10 with sport 80 ???

You need to use prio to order the rules - anything after a rule that matches port 80 will be ! 80 - you cannot make a rule that negates matches directly. If the structure of your htb etc is deep you can make filters attach to parents other than root, but you need to filter the traffic to those flowids first. You can match more than one thing with one filter rule so you can match prio X src ip and 80 then follow with prio (X+1) src ip.

Andy.

_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

[Bugtraq]     [Fedora Legacy]     [GCC Help]     [Yosemite News]     [Yosemite Photos]     [IP Tables]     [Netfilter Devel]     [Fedora Users]

Powered by Linux