Hi, Piotr:
On Wed, 20 Feb 2008, Piotr Jasiukajtis wrote:
> Hi,
>
> this is my test config from the test router:
>
> fmt_version 1.0
>
> action {
> module ipgpc
> name ipgpc.classify
>
> # my app
> filter {
> name filter_ssh
> class meter_ssh
> dport 1234
> daddr 192.168.1.33
> }
> class {
> name meter_ssh
> next_action markEF
> enable_stats true
> }
>
>
> # the rest
> class {
> name std_traffic
> next_action markAF11
> enable_stats true
> }
> filter {
> name filter_std
> class std_traffic
> direction FWD_OUT
> }
>
>
> params {
> global_stats true
> }
> }
>
> action {
> module dscpmk
> name markEF
> params {
> dscp_map {0-63:46}
> next_action continue
> global_stats true
> }
> }
>
> action {
> module dscpmk
> name markAF11
> params {
> dscp_map {0-63:10}
> next_action continue
> global_stats true
> }
> }
>
> # EOF
>
>
>
> # kstat -m dscpmk
> module: dscpmk instance: 65
> name: dscpmk_stats class: markAF11
> crtime 13932,902419956
> dscp_changed 38491
> dscp_unchanged 0
> epackets 0
> ipackets 0
> npackets 38491
> snaptime 14934,943424849
>
> module: dscpmk instance: 66
> name: dscpmk_stats class: markEF
> crtime 13932,902464731
> dscp_changed 123801
> dscp_unchanged 0
> epackets 0
> ipackets 123801
> npackets 247602
> snaptime 14934,943758051
>
>
>
> Kstat counts packets for markAF11 and markEF which is true for that rules.
>
> I would like to know how to create 2 filters:
> - first for my application (for example some video traffic)
> - second for the rest of the traffic
probably something like the above, i.e:
action {
module ipgpc
name ipgpc.classify
filter {
name filter_video
class mark_videoEF
sport <video service>
}
class {
name mark_videoEF
next_action markEF
enable_stats true
}
class {
name rest_traffic
next_action markAF11
enable_stats true
}
filter {
name filter_rest
class rest_traffic
direction LOCAL_OUT
}
filter {
name filter_fwd
class rest_traffic
direction FWD_OUT
}
params {
global_stats true
}
}
since we are talking about outbound packets, your app could be identified
by a local port, I suppose, and then have a filter like filter_video with
class mark_videoEF. The rest of the outbound traffic will have to be
marked by markAF11, so we have filter_rest with LOCAL_OUT and filter_fwd
with FWD_OUT. We don't have a combined identifier for LOCAL_OUT and FWD_OUT,
so we would need two filters, but they could point to the same class/action.
If your machine is not forwarding, then you could just have filter_rest/
LOCAL_OUT.
Does that help?
-venu
>
> Regards
>
> Piotr Jasiukajtis / estibi
> _______________________________________________
> networking-discuss mailing list
> [email protected]
>
_______________________________________________
networking-discuss mailing list
[email protected]
