Google
  Web www.spinics.net

Re: LARTC Digest, Vol 31, Issue 25

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Message: 6 Date: Tue, 18 Sep 2007 10:44:42 +0200 From: Michal Soltys <nozo@xxxxxxxx> Subject: Re: I'm having an issue with u32 masking To: lartc@xxxxxxxxxxxxxxx Message-ID: <46EF8FFA.6070707@xxxxxxxx> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Vadtec wrote:
> Is this how tc is supposed to work? Does it only match on the value it > is given based on whether or not the mask matches? IE: u16 0x1a00 0x1a0f > at 22 (dest port 6656 ONLY), u16 0x1a0b 0x1a0f at 22 (dest port 6667 ONLY) > > If so, how can you match a range of ports (in my example, or a range of > anything for that matter) in tc? >

Try:

match u16 0x1a00 0xfff0

Mask is first applied to the value in the packet, then it's tested against your (0x1a00) value
Can you please explain this further?

You are saying that its ORed with the value? Or is it ANDed? Or maybe XORed? What operation are they applying to the value? Working from what I have done with other bit masking operations, I am assuming that the mask is ANDed with the value in the packet. Then I would assume you OR the check with the resulting value. But I am not sure.

I would expect the mask to be applied to the value. It doesn't make sense to apply it to the check, because then you would simply match the highest possible value of the check+mask.


Vadtec
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

[Bugtraq]     [Fedora Legacy]     [GCC Help]     [Yosemite News]     [Yosemite Photos]     [IP Tables]     [Netfilter Devel]     [Fedora Users]

Powered by Linux