* [LARTC] Strange behavior deleting filters
@ 2004-01-08 16:17 Andre Correa
2004-01-08 18:02 ` Andre Correa
` (11 more replies)
0 siblings, 12 replies; 13+ messages in thread
From: Andre Correa @ 2004-01-08 16:17 UTC (permalink / raw)
To: lartc
Hi list, I'm playing with tc and found a strange behavior when I try to
delete filters. For example, this simple scenario:
tc qdisc add dev eth1 root handle 1: htb default 100
tc class add dev eth1 parent 1: classid 1:1 htb rate 128Kbit
tc class add dev eth1 parent 1: classid 1:2 htb rate 258Kbit
tc class add dev eth1 parent 1: classid 1:100 htb rate 32Kbit
tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src
10.10.10.20 match ip dst 63.63.63.63 flowid 1:1
tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src
10.10.10.20 flowid 1:2
works just fine, but when I try to delete oen of the filters with
something like this:
tc filter del dev eth1 parent 1: protocol ip prio 1 u32 match ip src
10.10.10.20 flowid 1:2
both filters are deleted.
I've found a post from Dimitry V. Ketov in the kernel list on may/2003
with a situation like this one, but there are no answers.
I'm using 2.4.23 and iptables 1.2.7a. Any clues what can be the cause?
I'm suposed to be able to delete filters separately right? May it be a bug?
Deleting the whole qdisc is not an opition in my setup and trying to
delete the parent class gives me a "device or resource busy" error
because of the filters. tc class del doesn't seen to delete its "child"
filter.
tks for any information...
Andre
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [LARTC] Strange behavior deleting filters
2004-01-08 16:17 [LARTC] Strange behavior deleting filters Andre Correa
@ 2004-01-08 18:02 ` Andre Correa
2004-01-08 18:46 ` Rodrigo P. Telles
` (10 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: Andre Correa @ 2004-01-08 18:02 UTC (permalink / raw)
To: lartc
Hi Rodrigo, tks for the answer. It sounds like a starting point but this
is not that good if there are several filters pointing to classes with
high load. In this case lower prio classes will really have higher priority.
Isn't it supposed to work as expected: delete only the right filter? May
it be reported as a bug? Is it a known behavior?
tks...
Andre
Rodrigo P. Telles wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Andre,
>
> I've had the same problem when I try to remove one filter rule.
> This is ocurred when you have the same prio for all filter rules. I've
> "solved"
> my problem using diferent "prio" values in filter rules.
> I don't now if this is a BUG !
>
> Anything else ?
>
> Telles
>
> Andre Correa wrote:
> |
> | Hi list, I'm playing with tc and found a strange behavior when I try to
> | delete filters. For example, this simple scenario:
> |
> | tc qdisc add dev eth1 root handle 1: htb default 100
> | tc class add dev eth1 parent 1: classid 1:1 htb rate 128Kbit
> | tc class add dev eth1 parent 1: classid 1:2 htb rate 258Kbit
> | tc class add dev eth1 parent 1: classid 1:100 htb rate 32Kbit
> | tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src
> | 10.10.10.20 match ip dst 63.63.63.63 flowid 1:1
> | tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src
> | 10.10.10.20 flowid 1:2
> |
> | works just fine, but when I try to delete oen of the filters with
> | something like this:
> |
> | tc filter del dev eth1 parent 1: protocol ip prio 1 u32 match ip src
> | 10.10.10.20 flowid 1:2
> |
> | both filters are deleted.
> |
> | I've found a post from Dimitry V. Ketov in the kernel list on may/2003
> | with a situation like this one, but there are no answers.
> |
> | I'm using 2.4.23 and iptables 1.2.7a. Any clues what can be the cause?
> | I'm suposed to be able to delete filters separately right? May it be a
> bug?
> |
> | Deleting the whole qdisc is not an opition in my setup and trying to
> | delete the parent class gives me a "device or resource busy" error
> | because of the filters. tc class del doesn't seen to delete its "child"
> | filter.
> |
> | tks for any information...
> |
> | Andre
> |
> | _______________________________________________
> | LARTC mailing list / LARTC@mailman.ds9a.nl
> | http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
> |
> |
>
> - --
> - ------------------------------------------------------
> Rodrigo P. Telles <telles@devel-it.com.br>
> Gerente de Projetos - http://www.devel-it.com.br
> Devel-IT - Uma empresa do Grupo TDKOM
> - ------------------------------------------------------
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.7 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQE//aWeiLK8unYgEMQRAgPcAJ9iqsF9V5m4QqKrLgI3iUF6rLW8hACeJ0GP
> 6DYjQf0/5NVNRrojAXvgcw8> ÐPR
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>
>
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [LARTC] Strange behavior deleting filters
2004-01-08 16:17 [LARTC] Strange behavior deleting filters Andre Correa
2004-01-08 18:02 ` Andre Correa
@ 2004-01-08 18:46 ` Rodrigo P. Telles
2004-01-08 19:02 ` Andre Correa
` (9 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: Rodrigo P. Telles @ 2004-01-08 18:46 UTC (permalink / raw)
To: lartc
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Andre,
I've had the same problem when I try to remove one filter rule.
This is ocurred when you have the same prio for all filter rules. I've "solved"
my problem using diferent "prio" values in filter rules.
I don't now if this is a BUG !
Anything else ?
Telles
Andre Correa wrote:
|
| Hi list, I'm playing with tc and found a strange behavior when I try to
| delete filters. For example, this simple scenario:
|
| tc qdisc add dev eth1 root handle 1: htb default 100
| tc class add dev eth1 parent 1: classid 1:1 htb rate 128Kbit
| tc class add dev eth1 parent 1: classid 1:2 htb rate 258Kbit
| tc class add dev eth1 parent 1: classid 1:100 htb rate 32Kbit
| tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src
| 10.10.10.20 match ip dst 63.63.63.63 flowid 1:1
| tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src
| 10.10.10.20 flowid 1:2
|
| works just fine, but when I try to delete oen of the filters with
| something like this:
|
| tc filter del dev eth1 parent 1: protocol ip prio 1 u32 match ip src
| 10.10.10.20 flowid 1:2
|
| both filters are deleted.
|
| I've found a post from Dimitry V. Ketov in the kernel list on may/2003
| with a situation like this one, but there are no answers.
|
| I'm using 2.4.23 and iptables 1.2.7a. Any clues what can be the cause?
| I'm suposed to be able to delete filters separately right? May it be a bug?
|
| Deleting the whole qdisc is not an opition in my setup and trying to
| delete the parent class gives me a "device or resource busy" error
| because of the filters. tc class del doesn't seen to delete its "child"
| filter.
|
| tks for any information...
|
| Andre
|
| _______________________________________________
| LARTC mailing list / LARTC@mailman.ds9a.nl
| http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
|
|
- --
- ------------------------------------------------------
Rodrigo P. Telles <telles@devel-it.com.br>
Gerente de Projetos - http://www.devel-it.com.br
Devel-IT - Uma empresa do Grupo TDKOM
- ------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE//aWeiLK8unYgEMQRAgPcAJ9iqsF9V5m4QqKrLgI3iUF6rLW8hACeJ0GP
6DYjQf0/5NVNRrojAXvgcw8ÐPR
-----END PGP SIGNATURE-----
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [LARTC] Strange behavior deleting filters
2004-01-08 16:17 [LARTC] Strange behavior deleting filters Andre Correa
2004-01-08 18:02 ` Andre Correa
2004-01-08 18:46 ` Rodrigo P. Telles
@ 2004-01-08 19:02 ` Andre Correa
2004-01-08 19:27 ` Rodrigo P. Telles
` (8 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: Andre Correa @ 2004-01-08 19:02 UTC (permalink / raw)
To: lartc
Patrick, tks for the info but I'm sure I got your idea.
A filter handle is something like: "804::800" right?
I've tried this (supose classes 1:1 and 1:2 exist):
tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::10 u32
match ip src 10.10.10.10 flowid 1:1
tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::11 u32
match ip src 10.10.10.11 flowid 1:2
and then:
tc filter del dev eth1 parent 1: protocol ip prio 1 handle ::11
but both filter are deleted...
Am I missing something?
tks a lot...
Andre
Patrick McHardy wrote:
> Andre Correa wrote:
>
>>
>> Hi list, I'm playing with tc and found a strange behavior when I try
>> to delete filters. For example, this simple scenario:
>>
>> tc qdisc add dev eth1 root handle 1: htb default 100
>> tc class add dev eth1 parent 1: classid 1:1 htb rate 128Kbit
>> tc class add dev eth1 parent 1: classid 1:2 htb rate 258Kbit
>> tc class add dev eth1 parent 1: classid 1:100 htb rate 32Kbit
>> tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src
>> 10.10.10.20 match ip dst 63.63.63.63 flowid 1:1
>> tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src
>> 10.10.10.20 flowid 1:2
>>
>> works just fine, but when I try to delete oen of the filters with
>> something like this:
>>
>> tc filter del dev eth1 parent 1: protocol ip prio 1 u32 match ip src
>> 10.10.10.20 flowid 1:2
>>
>> both filters are deleted.
>
>
> The kernel only regards priorities when deleting a filter without
> giving a handle. Use the handle if you want to delete a specific filter.
>
> Regards,
> Patricky
>
>
>
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [LARTC] Strange behavior deleting filters
2004-01-08 16:17 [LARTC] Strange behavior deleting filters Andre Correa
` (2 preceding siblings ...)
2004-01-08 19:02 ` Andre Correa
@ 2004-01-08 19:27 ` Rodrigo P. Telles
2004-01-08 20:31 ` Patrick McHardy
` (7 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: Rodrigo P. Telles @ 2004-01-08 19:27 UTC (permalink / raw)
To: lartc
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Andre,
In my last e-mail about deleting filters (I'm sorry):
s/Anything else ?/Anyone has idea about that strange "problem" ?/
Stef ?
Telles
Rodrigo P. Telles wrote:
| Andre,
|
| I've had the same problem when I try to remove one filter rule.
| This is ocurred when you have the same prio for all filter rules. I've
| "solved"
| my problem using diferent "prio" values in filter rules.
| I don't now if this is a BUG !
|
| Anything else ?
|
| Telles
|
| Andre Correa wrote:
| |
| | Hi list, I'm playing with tc and found a strange behavior when I try to
| | delete filters. For example, this simple scenario:
| |
| | tc qdisc add dev eth1 root handle 1: htb default 100
| | tc class add dev eth1 parent 1: classid 1:1 htb rate 128Kbit
| | tc class add dev eth1 parent 1: classid 1:2 htb rate 258Kbit
| | tc class add dev eth1 parent 1: classid 1:100 htb rate 32Kbit
| | tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src
| | 10.10.10.20 match ip dst 63.63.63.63 flowid 1:1
| | tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src
| | 10.10.10.20 flowid 1:2
| |
| | works just fine, but when I try to delete oen of the filters with
| | something like this:
| |
| | tc filter del dev eth1 parent 1: protocol ip prio 1 u32 match ip src
| | 10.10.10.20 flowid 1:2
| |
| | both filters are deleted.
| |
| | I've found a post from Dimitry V. Ketov in the kernel list on may/2003
| | with a situation like this one, but there are no answers.
| |
| | I'm using 2.4.23 and iptables 1.2.7a. Any clues what can be the cause?
| | I'm suposed to be able to delete filters separately right? May it be a
| bug?
| |
| | Deleting the whole qdisc is not an opition in my setup and trying to
| | delete the parent class gives me a "device or resource busy" error
| | because of the filters. tc class del doesn't seen to delete its "child"
| | filter.
| |
| | tks for any information...
| |
| | Andre
| |
| | _______________________________________________
| | LARTC mailing list / LARTC@mailman.ds9a.nl
| | http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
| |
| |
|
| --
| ------------------------------------------------------
| Rodrigo P. Telles <telles@devel-it.com.br>
| Gerente de Projetos - http://www.devel-it.com.br
| Devel-IT - Uma empresa do Grupo TDKOM
| ------------------------------------------------------
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
- --
- ------------------------------------------------------
Rodrigo P. Telles <telles@devel-it.com.br>
Gerente de Projetos - http://www.devel-it.com.br
Devel-IT - Uma empresa do Grupo TDKOM
- ------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE//a88iLK8unYgEMQRAkJ1AJ498bVg/9cOGlmlnkpNVsb0WudUlACfUny6
Wz0hejIwM5z3cz417//1LCg=f/u2
-----END PGP SIGNATURE-----
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [LARTC] Strange behavior deleting filters
2004-01-08 16:17 [LARTC] Strange behavior deleting filters Andre Correa
` (3 preceding siblings ...)
2004-01-08 19:27 ` Rodrigo P. Telles
@ 2004-01-08 20:31 ` Patrick McHardy
2004-01-08 21:26 ` Patrick McHardy
` (6 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: Patrick McHardy @ 2004-01-08 20:31 UTC (permalink / raw)
To: lartc
Andre Correa wrote:
>
> Hi list, I'm playing with tc and found a strange behavior when I try
> to delete filters. For example, this simple scenario:
>
> tc qdisc add dev eth1 root handle 1: htb default 100
> tc class add dev eth1 parent 1: classid 1:1 htb rate 128Kbit
> tc class add dev eth1 parent 1: classid 1:2 htb rate 258Kbit
> tc class add dev eth1 parent 1: classid 1:100 htb rate 32Kbit
> tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src
> 10.10.10.20 match ip dst 63.63.63.63 flowid 1:1
> tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src
> 10.10.10.20 flowid 1:2
>
> works just fine, but when I try to delete oen of the filters with
> something like this:
>
> tc filter del dev eth1 parent 1: protocol ip prio 1 u32 match ip src
> 10.10.10.20 flowid 1:2
>
> both filters are deleted.
The kernel only regards priorities when deleting a filter without
giving a handle. Use the handle if you want to delete a specific filter.
Regards,
Patricky
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [LARTC] Strange behavior deleting filters
2004-01-08 16:17 [LARTC] Strange behavior deleting filters Andre Correa
` (4 preceding siblings ...)
2004-01-08 20:31 ` Patrick McHardy
@ 2004-01-08 21:26 ` Patrick McHardy
2004-01-08 22:55 ` Rodrigo P. Telles
` (5 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: Patrick McHardy @ 2004-01-08 21:26 UTC (permalink / raw)
To: lartc
Andre Correa wrote:
>
> Patrick, tks for the info but I'm sure I got your idea.
>
> A filter handle is something like: "804::800" right?
Not exactly. How handles are handled depends on the classifier,
fw classifier for example uses its own handle to match the nfmark,
route creates handles of its own and errors if the handle supplied
from userspace differs.
Maybe a example clears things up:
<add filters>
tc filter add dev lo protocol ip parent 1: pref 1 route from 4 flowid 1:100
tc filter add dev lo protocol ip parent 1: pref 1 route from 5 flowid 1:200
tc filter add dev lo protocol ip parent 1: pref 1 route from 6 flowid 1:300
tc filter add dev lo protocol ip parent 1: pref 1 route from 7 flowid 1:400
tc filter add dev lo protocol ip parent 1: pref 1 route from 8 flowid 1:500
<show filters>
filter protocol ip pref 1 route
filter protocol ip pref 1 route fh 0x00048000 flowid 1:100 from 4
filter protocol ip pref 1 route fh 0x00058000 flowid 1:200 from 5
filter protocol ip pref 1 route fh 0x00068000 flowid 1:300 from 6
filter protocol ip pref 1 route fh 0x00078000 flowid 1:400 from 7
filter protocol ip pref 1 route fh 0x00088000 flowid 1:500 from 8
As you can see the route classifier uses realm | 0x8000.
<delete filters>
tc filter del dev lo pref 1 handle 0x00048000 route
tc filter del dev lo pref 1 handle 0x00058000 route
tc filter del dev lo pref 1 handle 0x00068000 route
tc filter del dev lo pref 1 handle 0x00078000 route
tc filter del dev lo pref 1 handle 0x00088000 route
<show filters again>
filter protocol ip pref 1 route
Only the container of the single filters is left. To destroy it, delete by
priority: "tc filter del dev lo pref 1".
Hope that helps.
Patrick
> I've tried this (supose classes 1:1 and 1:2 exist):
>
> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::10 u32
> match ip src 10.10.10.10 flowid 1:1
> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::11 u32
> match ip src 10.10.10.11 flowid 1:2
>
> and then:
>
> tc filter del dev eth1 parent 1: protocol ip prio 1 handle ::11
>
> but both filter are deleted...
>
> Am I missing something?
>
> tks a lot...
>
> Andre
>
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [LARTC] Strange behavior deleting filters
2004-01-08 16:17 [LARTC] Strange behavior deleting filters Andre Correa
` (5 preceding siblings ...)
2004-01-08 21:26 ` Patrick McHardy
@ 2004-01-08 22:55 ` Rodrigo P. Telles
2004-01-08 23:32 ` Rodrigo P. Telles
` (4 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: Rodrigo P. Telles @ 2004-01-08 22:55 UTC (permalink / raw)
To: lartc
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Andre,
I don't now, when I've had that problem, I didn't find anything about that !
I've tried to report this problem, but all mails that I sent to the list, they
had simply desappeared, and I've found this "solution" (for my case this
solution is good). Later, my mail was started to work and I forgot to notify the
list about that.
I remembered that when I saw your mail about filter rules :-)
I expect that someone have an idea about that, because is impossible that only
you and me are having this behavior.
Telles
Andre Correa wrote:
|
| Hi Rodrigo, tks for the answer. It sounds like a starting point but this
| is not that good if there are several filters pointing to classes with
| high load. In this case lower prio classes will really have higher
| priority.
|
| Isn't it supposed to work as expected: delete only the right filter? May
| it be reported as a bug? Is it a known behavior?
|
| tks...
|
| Andre
|
|
| Rodrigo P. Telles wrote:
|
|> -----BEGIN PGP SIGNED MESSAGE-----
|> Hash: SHA1
|>
|> Andre,
|>
|> I've had the same problem when I try to remove one filter rule.
|> This is ocurred when you have the same prio for all filter rules. I've
|> "solved"
|> my problem using diferent "prio" values in filter rules.
|> I don't now if this is a BUG !
|>
|> Anything else ?
|>
|> Telles
|>
|> Andre Correa wrote:
|> |
|> | Hi list, I'm playing with tc and found a strange behavior when I try to
|> | delete filters. For example, this simple scenario:
|> |
|> | tc qdisc add dev eth1 root handle 1: htb default 100
|> | tc class add dev eth1 parent 1: classid 1:1 htb rate 128Kbit
|> | tc class add dev eth1 parent 1: classid 1:2 htb rate 258Kbit
|> | tc class add dev eth1 parent 1: classid 1:100 htb rate 32Kbit
|> | tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src
|> | 10.10.10.20 match ip dst 63.63.63.63 flowid 1:1
|> | tc filter add dev eth1 parent 1: protocol ip prio 1 u32 match ip src
|> | 10.10.10.20 flowid 1:2
|> |
|> | works just fine, but when I try to delete oen of the filters with
|> | something like this:
|> |
|> | tc filter del dev eth1 parent 1: protocol ip prio 1 u32 match ip src
|> | 10.10.10.20 flowid 1:2
|> |
|> | both filters are deleted.
|> |
|> | I've found a post from Dimitry V. Ketov in the kernel list on may/2003
|> | with a situation like this one, but there are no answers.
|> |
|> | I'm using 2.4.23 and iptables 1.2.7a. Any clues what can be the cause?
|> | I'm suposed to be able to delete filters separately right? May it be
|> a bug?
|> |
|> | Deleting the whole qdisc is not an opition in my setup and trying to
|> | delete the parent class gives me a "device or resource busy" error
|> | because of the filters. tc class del doesn't seen to delete its "child"
|> | filter.
|> |
|> | tks for any information...
|> |
|> | Andre
|> |
|> | _______________________________________________
|> | LARTC mailing list / LARTC@mailman.ds9a.nl
|> | http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
|> |
|> |
|>
|> - --
|> - ------------------------------------------------------
|> Rodrigo P. Telles <telles@devel-it.com.br>
|> Gerente de Projetos - http://www.devel-it.com.br
|> Devel-IT - Uma empresa do Grupo TDKOM
|> - ------------------------------------------------------
|> -----BEGIN PGP SIGNATURE-----
|> Version: GnuPG v1.0.7 (GNU/Linux)
|> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
|>
|> iD8DBQE//aWeiLK8unYgEMQRAgPcAJ9iqsF9V5m4QqKrLgI3iUF6rLW8hACeJ0GP
|> 6DYjQf0/5NVNRrojAXvgcw8|> ÐPR
|> -----END PGP SIGNATURE-----
|>
|> _______________________________________________
|> LARTC mailing list / LARTC@mailman.ds9a.nl
|> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
|>
|>
|
| _______________________________________________
| LARTC mailing list / LARTC@mailman.ds9a.nl
| http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
|
|
|
- --
- ------------------------------------------------------
Rodrigo P. Telles <telles@devel-it.com.br>
Gerente de Projetos - http://www.devel-it.com.br
Devel-IT - Uma empresa do Grupo TDKOM
- ------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE//d/KiLK8unYgEMQRAlgLAJ4torQ3qVFfOLujnSMiFUkKG+CiIgCfZ2q9
jTggAS7kT2eIyiMnNqeEvEk=bzBz
-----END PGP SIGNATURE-----
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [LARTC] Strange behavior deleting filters
2004-01-08 16:17 [LARTC] Strange behavior deleting filters Andre Correa
` (6 preceding siblings ...)
2004-01-08 22:55 ` Rodrigo P. Telles
@ 2004-01-08 23:32 ` Rodrigo P. Telles
2004-01-09 10:45 ` Rodrigo P. Telles
` (3 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: Rodrigo P. Telles @ 2004-01-08 23:32 UTC (permalink / raw)
To: lartc
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Patrick,
Based in your explanation, I tried that:
# adding root qdisc, class and filters
tc qdisc add dev eth0 root handle 1: htb
tc class add dev eth0 parent 1: classid 1:10 htb rate 768Kbit
tc class add dev eth0 parent 1:1 classid 1:11 htb rate 512Kbit
tc class add dev eth0 parent 1:1 classid 1:12 htb rate 256Kbit
tc qdisc add dev eth0 parent 1:11 handle 11: sfq
tc qdisc add dev eth0 parent 1:12 handle 12: sfq
tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::11 u32 match ip
src 10.10.10.10 flowid 1:11
tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip
src 10.10.10.11 flowid 1:12
# tc filter show dev eth0
filter parent 1: protocol ip pref 1 u32
filter parent 1: protocol ip pref 1 u32 fh 800: ht divisor 1
filter parent 1: protocol ip pref 1 u32 fh 800::11 order 17 key ht 800 bkt 0
flowid 1:11
~ match 0a0a0a0a/ffffffff at 12
filter parent 1: protocol ip pref 1 u32 fh 800::12 order 18 key ht 800 bkt 0
flowid 1:12
~ match 0a0a0a0b/ffffffff at 12
# deleting a rule
tc filter del dev eth0 parent 1:0 protocol ip prio 1 handle ::12
Must specify filter type when using "handle"
Humm, I got back to LARTC Howto, but I can't found anything about "filter type" !
What's wrong ?
Telles
Patrick McHardy wrote:
| Andre Correa wrote:
|
|>
|> Patrick, tks for the info but I'm sure I got your idea.
|>
|> A filter handle is something like: "804::800" right?
|
|
| Not exactly. How handles are handled depends on the classifier,
| fw classifier for example uses its own handle to match the nfmark,
| route creates handles of its own and errors if the handle supplied
| from userspace differs.
|
| Maybe a example clears things up:
| <add filters>
| tc filter add dev lo protocol ip parent 1: pref 1 route from 4 flowid 1:100
| tc filter add dev lo protocol ip parent 1: pref 1 route from 5 flowid 1:200
| tc filter add dev lo protocol ip parent 1: pref 1 route from 6 flowid 1:300
| tc filter add dev lo protocol ip parent 1: pref 1 route from 7 flowid 1:400
| tc filter add dev lo protocol ip parent 1: pref 1 route from 8 flowid 1:500
|
| <show filters>
| filter protocol ip pref 1 route
| filter protocol ip pref 1 route fh 0x00048000 flowid 1:100 from 4
| filter protocol ip pref 1 route fh 0x00058000 flowid 1:200 from 5
| filter protocol ip pref 1 route fh 0x00068000 flowid 1:300 from 6
| filter protocol ip pref 1 route fh 0x00078000 flowid 1:400 from 7
| filter protocol ip pref 1 route fh 0x00088000 flowid 1:500 from 8
|
| As you can see the route classifier uses realm | 0x8000.
|
| <delete filters>
| tc filter del dev lo pref 1 handle 0x00048000 route
| tc filter del dev lo pref 1 handle 0x00058000 route
| tc filter del dev lo pref 1 handle 0x00068000 route
| tc filter del dev lo pref 1 handle 0x00078000 route
| tc filter del dev lo pref 1 handle 0x00088000 route
|
| <show filters again>
| filter protocol ip pref 1 route
|
| Only the container of the single filters is left. To destroy it, delete by
| priority: "tc filter del dev lo pref 1".
|
| Hope that helps.
|
| Patrick
|
|
|> I've tried this (supose classes 1:1 and 1:2 exist):
|>
|> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::10 u32
|> match ip src 10.10.10.10 flowid 1:1
|> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::11 u32
|> match ip src 10.10.10.11 flowid 1:2
|>
|> and then:
|>
|> tc filter del dev eth1 parent 1: protocol ip prio 1 handle ::11
|>
|> but both filter are deleted...
|>
|> Am I missing something?
|>
|> tks a lot...
|>
|> Andre
|>
|
|
| _______________________________________________
| LARTC mailing list / LARTC@mailman.ds9a.nl
| http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
|
|
- --
- ------------------------------------------------------
Rodrigo P. Telles <telles@devel-it.com.br>
Gerente de Projetos - http://www.devel-it.com.br
Devel-IT - Uma empresa do Grupo TDKOM
- ------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE//eiViLK8unYgEMQRAv1PAJ96witXRlYUwPW5fqDySWURu3VLcQCdGrx3
Ly6eZtiaSTtrWMrpPm9MxnQ=rhE2
-----END PGP SIGNATURE-----
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [LARTC] Strange behavior deleting filters
2004-01-08 16:17 [LARTC] Strange behavior deleting filters Andre Correa
` (7 preceding siblings ...)
2004-01-08 23:32 ` Rodrigo P. Telles
@ 2004-01-09 10:45 ` Rodrigo P. Telles
2004-01-09 11:00 ` Lars Landmark
` (2 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: Rodrigo P. Telles @ 2004-01-09 10:45 UTC (permalink / raw)
To: lartc
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Lars,
I knew that (I use this form, but with handle, it doesn't work), but if what you
said is truth, the folowing command would have work:
tc filter del dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip
src 10.10.10.10 flowid 1:12
RTNETLINK answers: No such file or directory
|>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip
src 10.10.10.11 flowid 1:12
What you thing about that ?
Telles
Lars Landmark wrote:
|
| Hi Rodrigo;
|
| When you add a new filter rule, you write "tc filter add .....". If you
| now substitute add with del, you are able to delete the right filter
| without any other filters being deleted.
|
| Hope this helps.
|
| Lars
|
|
| On Thu, 8 Jan 2004, Rodrigo P. Telles wrote:
|
|
|>-----BEGIN PGP SIGNED MESSAGE-----
|>Hash: SHA1
|>
|>Patrick,
|>
|>Based in your explanation, I tried that:
|>
|># adding root qdisc, class and filters
|>tc qdisc add dev eth0 root handle 1: htb
|>tc class add dev eth0 parent 1: classid 1:10 htb rate 768Kbit
|>tc class add dev eth0 parent 1:1 classid 1:11 htb rate 512Kbit
|>tc class add dev eth0 parent 1:1 classid 1:12 htb rate 256Kbit
|>
|>tc qdisc add dev eth0 parent 1:11 handle 11: sfq
|>tc qdisc add dev eth0 parent 1:12 handle 12: sfq
|>
|>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::11 u32 match ip
|>src 10.10.10.10 flowid 1:11
|>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip
|>src 10.10.10.11 flowid 1:12
|>
|># tc filter show dev eth0
|>filter parent 1: protocol ip pref 1 u32
|>filter parent 1: protocol ip pref 1 u32 fh 800: ht divisor 1
|>filter parent 1: protocol ip pref 1 u32 fh 800::11 order 17 key ht 800 bkt 0
|>flowid 1:11
|>~ match 0a0a0a0a/ffffffff at 12
|>filter parent 1: protocol ip pref 1 u32 fh 800::12 order 18 key ht 800 bkt 0
|>flowid 1:12
|>~ match 0a0a0a0b/ffffffff at 12
|>
|># deleting a rule
|>tc filter del dev eth0 parent 1:0 protocol ip prio 1 handle ::12
|>Must specify filter type when using "handle"
|>
|>Humm, I got back to LARTC Howto, but I can't found anything about "filter type" !
|>
|>What's wrong ?
|>
|>Telles
|>
|>
|>Patrick McHardy wrote:
|>| Andre Correa wrote:
|>|
|>|>
|>|> Patrick, tks for the info but I'm sure I got your idea.
|>|>
|>|> A filter handle is something like: "804::800" right?
|>|
|>|
|>| Not exactly. How handles are handled depends on the classifier,
|>| fw classifier for example uses its own handle to match the nfmark,
|>| route creates handles of its own and errors if the handle supplied
|>| from userspace differs.
|>|
|>| Maybe a example clears things up:
|>| <add filters>
|>| tc filter add dev lo protocol ip parent 1: pref 1 route from 4 flowid 1:100
|>| tc filter add dev lo protocol ip parent 1: pref 1 route from 5 flowid 1:200
|>| tc filter add dev lo protocol ip parent 1: pref 1 route from 6 flowid 1:300
|>| tc filter add dev lo protocol ip parent 1: pref 1 route from 7 flowid 1:400
|>| tc filter add dev lo protocol ip parent 1: pref 1 route from 8 flowid 1:500
|>|
|>| <show filters>
|>| filter protocol ip pref 1 route
|>| filter protocol ip pref 1 route fh 0x00048000 flowid 1:100 from 4
|>| filter protocol ip pref 1 route fh 0x00058000 flowid 1:200 from 5
|>| filter protocol ip pref 1 route fh 0x00068000 flowid 1:300 from 6
|>| filter protocol ip pref 1 route fh 0x00078000 flowid 1:400 from 7
|>| filter protocol ip pref 1 route fh 0x00088000 flowid 1:500 from 8
|>|
|>| As you can see the route classifier uses realm | 0x8000.
|>|
|>| <delete filters>
|>| tc filter del dev lo pref 1 handle 0x00048000 route
|>| tc filter del dev lo pref 1 handle 0x00058000 route
|>| tc filter del dev lo pref 1 handle 0x00068000 route
|>| tc filter del dev lo pref 1 handle 0x00078000 route
|>| tc filter del dev lo pref 1 handle 0x00088000 route
|>|
|>| <show filters again>
|>| filter protocol ip pref 1 route
|>|
|>| Only the container of the single filters is left. To destroy it, delete by
|>| priority: "tc filter del dev lo pref 1".
|>|
|>| Hope that helps.
|>|
|>| Patrick
|>|
|>|
|>|> I've tried this (supose classes 1:1 and 1:2 exist):
|>|>
|>|> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::10 u32
|>|> match ip src 10.10.10.10 flowid 1:1
|>|> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::11 u32
|>|> match ip src 10.10.10.11 flowid 1:2
|>|>
|>|> and then:
|>|>
|>|> tc filter del dev eth1 parent 1: protocol ip prio 1 handle ::11
|>|>
|>|> but both filter are deleted...
|>|>
|>|> Am I missing something?
|>|>
|>|> tks a lot...
|>|>
|>|> Andre
|>|>
|>|
|>|
|>| _______________________________________________
|>| LARTC mailing list / LARTC@mailman.ds9a.nl
|>| http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
|>|
|>|
|>
|>- --
|>- ------------------------------------------------------
|>Rodrigo P. Telles <telles@devel-it.com.br>
|>Gerente de Projetos - http://www.devel-it.com.br
|>Devel-IT - Uma empresa do Grupo TDKOM
|>- ------------------------------------------------------
|>-----BEGIN PGP SIGNATURE-----
|>Version: GnuPG v1.0.7 (GNU/Linux)
|>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
|>
|>iD8DBQE//eiViLK8unYgEMQRAv1PAJ96witXRlYUwPW5fqDySWURu3VLcQCdGrx3
|>Ly6eZtiaSTtrWMrpPm9MxnQ|>=rhE2
|>-----END PGP SIGNATURE-----
|>
|>_______________________________________________
|>LARTC mailing list / LARTC@mailman.ds9a.nl
|>http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
|>
|
|
|
- --
- ------------------------------------------------------
Rodrigo P. Telles <telles@devel-it.com.br>
Gerente de Projetos - http://www.devel-it.com.br
Devel-IT - Uma empresa do Grupo TDKOM
- ------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE//oZRiLK8unYgEMQRArqRAJwN4Ho/a7sQHVQAejb32iIdNbKYqACdG7kI
C+1AYYFiTKvXabVcluSnR6EÉXe
-----END PGP SIGNATURE-----
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [LARTC] Strange behavior deleting filters
2004-01-08 16:17 [LARTC] Strange behavior deleting filters Andre Correa
` (8 preceding siblings ...)
2004-01-09 10:45 ` Rodrigo P. Telles
@ 2004-01-09 11:00 ` Lars Landmark
2004-01-09 11:27 ` Rodrigo P. Telles
2004-01-09 13:37 ` Andre Correa
11 siblings, 0 replies; 13+ messages in thread
From: Lars Landmark @ 2004-01-09 11:00 UTC (permalink / raw)
To: lartc
Hi;
no clue :-(
May I ask why you are using "handle" and not "parent" since HTB is used?
And what eventually are the differences?
Lars
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Lars,
>
> I knew that (I use this form, but with handle, it doesn't work), but if what you
> said is truth, the folowing command would have work:
>
> tc filter del dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip
> src 10.10.10.10 flowid 1:12
> RTNETLINK answers: No such file or directory
>
> |>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip
> src 10.10.10.11 flowid 1:12
>
> What you thing about that ?
>
> Telles
>
> Lars Landmark wrote:
> |
> | Hi Rodrigo;
> |
> | When you add a new filter rule, you write "tc filter add .....". If you
> | now substitute add with del, you are able to delete the right filter
> | without any other filters being deleted.
> |
> | Hope this helps.
> |
> | Lars
> |
> |
> | On Thu, 8 Jan 2004, Rodrigo P. Telles wrote:
> |
> |
> |>-----BEGIN PGP SIGNED MESSAGE-----
> |>Hash: SHA1
> |>
> |>Patrick,
> |>
> |>Based in your explanation, I tried that:
> |>
> |># adding root qdisc, class and filters
> |>tc qdisc add dev eth0 root handle 1: htb
> |>tc class add dev eth0 parent 1: classid 1:10 htb rate 768Kbit
> |>tc class add dev eth0 parent 1:1 classid 1:11 htb rate 512Kbit
> |>tc class add dev eth0 parent 1:1 classid 1:12 htb rate 256Kbit
> |>
> |>tc qdisc add dev eth0 parent 1:11 handle 11: sfq
> |>tc qdisc add dev eth0 parent 1:12 handle 12: sfq
> |>
> |>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::11 u32 match ip
> |>src 10.10.10.10 flowid 1:11
> |>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip
> |>src 10.10.10.11 flowid 1:12
> |>
> |># tc filter show dev eth0
> |>filter parent 1: protocol ip pref 1 u32
> |>filter parent 1: protocol ip pref 1 u32 fh 800: ht divisor 1
> |>filter parent 1: protocol ip pref 1 u32 fh 800::11 order 17 key ht 800 bkt 0
> |>flowid 1:11
> |>~ match 0a0a0a0a/ffffffff at 12
> |>filter parent 1: protocol ip pref 1 u32 fh 800::12 order 18 key ht 800 bkt 0
> |>flowid 1:12
> |>~ match 0a0a0a0b/ffffffff at 12
> |>
> |># deleting a rule
> |>tc filter del dev eth0 parent 1:0 protocol ip prio 1 handle ::12
> |>Must specify filter type when using "handle"
> |>
> |>Humm, I got back to LARTC Howto, but I can't found anything about "filter type" !
> |>
> |>What's wrong ?
> |>
> |>Telles
> |>
> |>
> |>Patrick McHardy wrote:
> |>| Andre Correa wrote:
> |>|
> |>|>
> |>|> Patrick, tks for the info but I'm sure I got your idea.
> |>|>
> |>|> A filter handle is something like: "804::800" right?
> |>|
> |>|
> |>| Not exactly. How handles are handled depends on the classifier,
> |>| fw classifier for example uses its own handle to match the nfmark,
> |>| route creates handles of its own and errors if the handle supplied
> |>| from userspace differs.
> |>|
> |>| Maybe a example clears things up:
> |>| <add filters>
> |>| tc filter add dev lo protocol ip parent 1: pref 1 route from 4 flowid 1:100
> |>| tc filter add dev lo protocol ip parent 1: pref 1 route from 5 flowid 1:200
> |>| tc filter add dev lo protocol ip parent 1: pref 1 route from 6 flowid 1:300
> |>| tc filter add dev lo protocol ip parent 1: pref 1 route from 7 flowid 1:400
> |>| tc filter add dev lo protocol ip parent 1: pref 1 route from 8 flowid 1:500
> |>|
> |>| <show filters>
> |>| filter protocol ip pref 1 route
> |>| filter protocol ip pref 1 route fh 0x00048000 flowid 1:100 from 4
> |>| filter protocol ip pref 1 route fh 0x00058000 flowid 1:200 from 5
> |>| filter protocol ip pref 1 route fh 0x00068000 flowid 1:300 from 6
> |>| filter protocol ip pref 1 route fh 0x00078000 flowid 1:400 from 7
> |>| filter protocol ip pref 1 route fh 0x00088000 flowid 1:500 from 8
> |>|
> |>| As you can see the route classifier uses realm | 0x8000.
> |>|
> |>| <delete filters>
> |>| tc filter del dev lo pref 1 handle 0x00048000 route
> |>| tc filter del dev lo pref 1 handle 0x00058000 route
> |>| tc filter del dev lo pref 1 handle 0x00068000 route
> |>| tc filter del dev lo pref 1 handle 0x00078000 route
> |>| tc filter del dev lo pref 1 handle 0x00088000 route
> |>|
> |>| <show filters again>
> |>| filter protocol ip pref 1 route
> |>|
> |>| Only the container of the single filters is left. To destroy it, delete by
> |>| priority: "tc filter del dev lo pref 1".
> |>|
> |>| Hope that helps.
> |>|
> |>| Patrick
> |>|
> |>|
> |>|> I've tried this (supose classes 1:1 and 1:2 exist):
> |>|>
> |>|> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::10 u32
> |>|> match ip src 10.10.10.10 flowid 1:1
> |>|> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::11 u32
> |>|> match ip src 10.10.10.11 flowid 1:2
> |>|>
> |>|> and then:
> |>|>
> |>|> tc filter del dev eth1 parent 1: protocol ip prio 1 handle ::11
> |>|>
> |>|> but both filter are deleted...
> |>|>
> |>|> Am I missing something?
> |>|>
> |>|> tks a lot...
> |>|>
> |>|> Andre
> |>|>
> |>|
> |>|
> |>| _______________________________________________
> |>| LARTC mailing list / LARTC@mailman.ds9a.nl
> |>| http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
> |>|
> |>|
> |>
> |>- --
> |>- ------------------------------------------------------
> |>Rodrigo P. Telles <telles@devel-it.com.br>
> |>Gerente de Projetos - http://www.devel-it.com.br
> |>Devel-IT - Uma empresa do Grupo TDKOM
> |>- ------------------------------------------------------
> |>-----BEGIN PGP SIGNATURE-----
> |>Version: GnuPG v1.0.7 (GNU/Linux)
> |>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> |>
> |>iD8DBQE//eiViLK8unYgEMQRAv1PAJ96witXRlYUwPW5fqDySWURu3VLcQCdGrx3
> |>Ly6eZtiaSTtrWMrpPm9MxnQ> |>=rhE2
> |>-----END PGP SIGNATURE-----
> |>
> |>_______________________________________________
> |>LARTC mailing list / LARTC@mailman.ds9a.nl
> |>http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
> |>
> |
> |
> |
>
> - --
> - ------------------------------------------------------
> Rodrigo P. Telles <telles@devel-it.com.br>
> Gerente de Projetos - http://www.devel-it.com.br
> Devel-IT - Uma empresa do Grupo TDKOM
> - ------------------------------------------------------
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.7 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQE//oZRiLK8unYgEMQRArqRAJwN4Ho/a7sQHVQAejb32iIdNbKYqACdG7kI
> C+1AYYFiTKvXabVcluSnR6E> ÉXe
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [LARTC] Strange behavior deleting filters
2004-01-08 16:17 [LARTC] Strange behavior deleting filters Andre Correa
` (9 preceding siblings ...)
2004-01-09 11:00 ` Lars Landmark
@ 2004-01-09 11:27 ` Rodrigo P. Telles
2004-01-09 13:37 ` Andre Correa
11 siblings, 0 replies; 13+ messages in thread
From: Rodrigo P. Telles @ 2004-01-09 11:27 UTC (permalink / raw)
To: lartc
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Lars,
It's about the discussion of "deleting filter rules", and this "method" (using
handle) was explaned by Patrick (see the list history).
Telles
Lars Landmark wrote:
| Hi;
|
| no clue :-(
| May I ask why you are using "handle" and not "parent" since HTB is used?
| And what eventually are the differences?
|
| Lars
|
|
|
|>-----BEGIN PGP SIGNED MESSAGE-----
|>Hash: SHA1
|>
|>Lars,
|>
|>I knew that (I use this form, but with handle, it doesn't work), but if what you
|>said is truth, the folowing command would have work:
|>
|>tc filter del dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip
|>src 10.10.10.10 flowid 1:12
|>RTNETLINK answers: No such file or directory
|>
|>|>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip
|>src 10.10.10.11 flowid 1:12
|>
|>What you thing about that ?
|>
|>Telles
|>
|>Lars Landmark wrote:
|>|
|>| Hi Rodrigo;
|>|
|>| When you add a new filter rule, you write "tc filter add .....". If you
|>| now substitute add with del, you are able to delete the right filter
|>| without any other filters being deleted.
|>|
|>| Hope this helps.
|>|
|>| Lars
|>|
|>|
|>| On Thu, 8 Jan 2004, Rodrigo P. Telles wrote:
|>|
|>|
|>|>-----BEGIN PGP SIGNED MESSAGE-----
|>|>Hash: SHA1
|>|>
|>|>Patrick,
|>|>
|>|>Based in your explanation, I tried that:
|>|>
|>|># adding root qdisc, class and filters
|>|>tc qdisc add dev eth0 root handle 1: htb
|>|>tc class add dev eth0 parent 1: classid 1:10 htb rate 768Kbit
|>|>tc class add dev eth0 parent 1:1 classid 1:11 htb rate 512Kbit
|>|>tc class add dev eth0 parent 1:1 classid 1:12 htb rate 256Kbit
|>|>
|>|>tc qdisc add dev eth0 parent 1:11 handle 11: sfq
|>|>tc qdisc add dev eth0 parent 1:12 handle 12: sfq
|>|>
|>|>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::11 u32 match ip
|>|>src 10.10.10.10 flowid 1:11
|>|>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32 match ip
|>|>src 10.10.10.11 flowid 1:12
|>|>
|>|># tc filter show dev eth0
|>|>filter parent 1: protocol ip pref 1 u32
|>|>filter parent 1: protocol ip pref 1 u32 fh 800: ht divisor 1
|>|>filter parent 1: protocol ip pref 1 u32 fh 800::11 order 17 key ht 800 bkt 0
|>|>flowid 1:11
|>|>~ match 0a0a0a0a/ffffffff at 12
|>|>filter parent 1: protocol ip pref 1 u32 fh 800::12 order 18 key ht 800 bkt 0
|>|>flowid 1:12
|>|>~ match 0a0a0a0b/ffffffff at 12
|>|>
|>|># deleting a rule
|>|>tc filter del dev eth0 parent 1:0 protocol ip prio 1 handle ::12
|>|>Must specify filter type when using "handle"
|>|>
|>|>Humm, I got back to LARTC Howto, but I can't found anything about "filter
type" !
|>|>
|>|>What's wrong ?
|>|>
|>|>Telles
|>|>
|>|>
|>|>Patrick McHardy wrote:
|>|>| Andre Correa wrote:
|>|>|
|>|>|>
|>|>|> Patrick, tks for the info but I'm sure I got your idea.
|>|>|>
|>|>|> A filter handle is something like: "804::800" right?
|>|>|
|>|>|
|>|>| Not exactly. How handles are handled depends on the classifier,
|>|>| fw classifier for example uses its own handle to match the nfmark,
|>|>| route creates handles of its own and errors if the handle supplied
|>|>| from userspace differs.
|>|>|
|>|>| Maybe a example clears things up:
|>|>| <add filters>
|>|>| tc filter add dev lo protocol ip parent 1: pref 1 route from 4 flowid 1:100
|>|>| tc filter add dev lo protocol ip parent 1: pref 1 route from 5 flowid 1:200
|>|>| tc filter add dev lo protocol ip parent 1: pref 1 route from 6 flowid 1:300
|>|>| tc filter add dev lo protocol ip parent 1: pref 1 route from 7 flowid 1:400
|>|>| tc filter add dev lo protocol ip parent 1: pref 1 route from 8 flowid 1:500
|>|>|
|>|>| <show filters>
|>|>| filter protocol ip pref 1 route
|>|>| filter protocol ip pref 1 route fh 0x00048000 flowid 1:100 from 4
|>|>| filter protocol ip pref 1 route fh 0x00058000 flowid 1:200 from 5
|>|>| filter protocol ip pref 1 route fh 0x00068000 flowid 1:300 from 6
|>|>| filter protocol ip pref 1 route fh 0x00078000 flowid 1:400 from 7
|>|>| filter protocol ip pref 1 route fh 0x00088000 flowid 1:500 from 8
|>|>|
|>|>| As you can see the route classifier uses realm | 0x8000.
|>|>|
|>|>| <delete filters>
|>|>| tc filter del dev lo pref 1 handle 0x00048000 route
|>|>| tc filter del dev lo pref 1 handle 0x00058000 route
|>|>| tc filter del dev lo pref 1 handle 0x00068000 route
|>|>| tc filter del dev lo pref 1 handle 0x00078000 route
|>|>| tc filter del dev lo pref 1 handle 0x00088000 route
|>|>|
|>|>| <show filters again>
|>|>| filter protocol ip pref 1 route
|>|>|
|>|>| Only the container of the single filters is left. To destroy it, delete by
|>|>| priority: "tc filter del dev lo pref 1".
|>|>|
|>|>| Hope that helps.
|>|>|
|>|>| Patrick
|>|>|
|>|>|
|>|>|> I've tried this (supose classes 1:1 and 1:2 exist):
|>|>|>
|>|>|> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::10 u32
|>|>|> match ip src 10.10.10.10 flowid 1:1
|>|>|> tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::11 u32
|>|>|> match ip src 10.10.10.11 flowid 1:2
|>|>|>
|>|>|> and then:
|>|>|>
|>|>|> tc filter del dev eth1 parent 1: protocol ip prio 1 handle ::11
|>|>|>
|>|>|> but both filter are deleted...
|>|>|>
|>|>|> Am I missing something?
|>|>|>
|>|>|> tks a lot...
|>|>|>
|>|>|> Andre
|>|>|>
|>|>|
|>|>|
|>|>| _______________________________________________
|>|>| LARTC mailing list / LARTC@mailman.ds9a.nl
|>|>| http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
|>|>|
|>|>|
|>|>
|>|>- --
|>|>- ------------------------------------------------------
|>|>Rodrigo P. Telles <telles@devel-it.com.br>
|>|>Gerente de Projetos - http://www.devel-it.com.br
|>|>Devel-IT - Uma empresa do Grupo TDKOM
|>|>- ------------------------------------------------------
|>|>-----BEGIN PGP SIGNATURE-----
|>|>Version: GnuPG v1.0.7 (GNU/Linux)
|>|>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
|>|>
|>|>iD8DBQE//eiViLK8unYgEMQRAv1PAJ96witXRlYUwPW5fqDySWURu3VLcQCdGrx3
|>|>Ly6eZtiaSTtrWMrpPm9MxnQ|>|>=rhE2
|>|>-----END PGP SIGNATURE-----
|>|>
|>|>_______________________________________________
|>|>LARTC mailing list / LARTC@mailman.ds9a.nl
|>|>http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
|>|>
|>|
|>|
|>|
|>
|>- --
|>- ------------------------------------------------------
|>Rodrigo P. Telles <telles@devel-it.com.br>
|>Gerente de Projetos - http://www.devel-it.com.br
|>Devel-IT - Uma empresa do Grupo TDKOM
|>- ------------------------------------------------------
|>-----BEGIN PGP SIGNATURE-----
|>Version: GnuPG v1.0.7 (GNU/Linux)
|>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
|>
|>iD8DBQE//oZRiLK8unYgEMQRArqRAJwN4Ho/a7sQHVQAejb32iIdNbKYqACdG7kI
|>C+1AYYFiTKvXabVcluSnR6E|>ÉXe
|>-----END PGP SIGNATURE-----
|>
|>_______________________________________________
|>LARTC mailing list / LARTC@mailman.ds9a.nl
|>http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
|>
|
| _______________________________________________
| LARTC mailing list / LARTC@mailman.ds9a.nl
| http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
|
|
- --
- ------------------------------------------------------
Rodrigo P. Telles <telles@devel-it.com.br>
Gerente de Projetos - http://www.devel-it.com.br
Devel-IT - Uma empresa do Grupo TDKOM
- ------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE//pAUiLK8unYgEMQRAjeLAJ9ZCyPiKNcoENEgcCvfzIF1wJ2IlgCfel0D
BmAJ97csB8BxXywGwmLVrDM=JpSS
-----END PGP SIGNATURE-----
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [LARTC] Strange behavior deleting filters
2004-01-08 16:17 [LARTC] Strange behavior deleting filters Andre Correa
` (10 preceding siblings ...)
2004-01-09 11:27 ` Rodrigo P. Telles
@ 2004-01-09 13:37 ` Andre Correa
11 siblings, 0 replies; 13+ messages in thread
From: Andre Correa @ 2004-01-09 13:37 UTC (permalink / raw)
To: lartc
The matter here is not really about using parent or handle (wich I'm
still not confortable with), but it is about the way a filter should be
deleted.
In situations like mine I cannot just delete filters by parent, because
parent qdiscs have dozens of child classes each one with a filter
poiting to it. If I have to "disable a customer", for example, I need to
delete its classes and consequently its filters, and today it is not
possible.
Using Rodrigo's trick with prio is doing the job, but doesn't look like
the right way to do it.
I'm not involved in tc, HTB or any other kernel-related development but
in my user point of view the sintax to add and delete filters should be
the same and when I delete a filter just that specific filter should be
delete, not all those that have the same prio. Maybe there was some
important problem during development that made it difficult or
impossible to be this way, we don't know yet...
Just getting back to the basic sitation, when I try (supose classes 1:1
and 1:2 exist):
tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::10 u32
match ip src 10.10.10.10 flowid 1:1
tc filter add dev eth1 parent 1: protocol ip prio 1 handle ::11 u32
match ip src 10.10.10.11 flowid 1:2
and then:
tc filter del dev eth1 parent 1: protocol ip prio 1 handle ::11
both filter are deleted... and it is supposed to delete just the second
filter. With or without handle the same result is reproducible in my
setup and in Rodrigo's too. Anybody else have the same behavior or it is
just us? My kernel is 2.4.23.
Anyway filters are still a bit difficult to fully understand. There are
too many undocumented options that should be described in
Advanced-Routing-HOWTO or somewhere else...
Where is the active development of tc going on for 2.4? May we report it
as a bug there?
Is the Advanced-Routing-Howto being updated? I would like to help with
it... tc is doing such a good job here that I want to give something
back to the community...
tks in advance...
Andre
Rodrigo P. Telles wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Lars,
>
> It's about the discussion of "deleting filter rules", and this "method"
> (using
> handle) was explaned by Patrick (see the list history).
>
> Telles
>
> Lars Landmark wrote:
> | Hi;
> |
> | no clue :-(
> | May I ask why you are using "handle" and not "parent" since HTB is used?
> | And what eventually are the differences?
> |
> | Lars
> |
> |
> |
> |>-----BEGIN PGP SIGNED MESSAGE-----
> |>Hash: SHA1
> |>
> |>Lars,
> |>
> |>I knew that (I use this form, but with handle, it doesn't work), but
> if what you
> |>said is truth, the folowing command would have work:
> |>
> |>tc filter del dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32
> match ip
> |>src 10.10.10.10 flowid 1:12
> |>RTNETLINK answers: No such file or directory
> |>
> |>|>tc filter add dev eth0 parent 1:0 protocol ip prio 1 handle ::12 u32
> match ip
> |>src 10.10.10.11 flowid 1:12
> |>
> |>What you thing about that ?
> |>
> |>Telles
> |>
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 13+ messages in thread
end of thread, other threads:[~2004-01-09 13:37 UTC | newest]
Thread overview: 13+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2004-01-08 16:17 [LARTC] Strange behavior deleting filters Andre Correa
2004-01-08 18:02 ` Andre Correa
2004-01-08 18:46 ` Rodrigo P. Telles
2004-01-08 19:02 ` Andre Correa
2004-01-08 19:27 ` Rodrigo P. Telles
2004-01-08 20:31 ` Patrick McHardy
2004-01-08 21:26 ` Patrick McHardy
2004-01-08 22:55 ` Rodrigo P. Telles
2004-01-08 23:32 ` Rodrigo P. Telles
2004-01-09 10:45 ` Rodrigo P. Telles
2004-01-09 11:00 ` Lars Landmark
2004-01-09 11:27 ` Rodrigo P. Telles
2004-01-09 13:37 ` Andre Correa
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.