On 09/13/2012 04:56 PM, Mr Dash Four wrote: > A couple of things: > > You introduced this <class priority> << 8 | XX malarkey with RC1, > which was released a couple of hours ago. Your test results and the > files you have attached in your previous post have used this > not-yet-released RC1 version of shorewall!
As I stated in my previous post, the 'malarkey' has been in the Shorewall code for almost 3 years. > > My name is not Mystic Meg and I don't have a crystal ball to see > whether you are going to release a new version of shorewall in which > to include this << 8 | XX calculation. My testing and subsequent > results were based on the latest released version of shorewall at the > time (Beta3), with the exception of the patches you have provided me > with. No your're not -- but you are prone to making strong statements about things that you really know nothing about. > >> Note that the firewall mark classifiers all have their priority set >> to ( <class priority> << 8 ) | 20 and that the tcp-ack and >> tos-minimize-delay rules have priority ( <class priority> << 8 ) | >> 10. > Care to explain the reason behind this priority calculation - why ( > <class priority> << 8 ) | 10? It orders the MARK, tcp-ack and tos* filters in the order that makes them work as intended. > > Also, you have used MARK - I don't use that. May be that is why I am > not getting any priorities set at all when I use HFSC? That's correct (and you don't use 'tcp-ack' or 'tos*' options either). > When I use HTB > (again, without MARK being specified!) all class priority values are > set *exactly* as specified in tclasses, which is what I wanted in the > first place. And which has been the behavior since day 1. > >> The classifiers would look exactly the same if HTB were used. > See above - when I do *not* use MARK and with HFSC specified, I don't > have any priorities set. > > When I employ HTB (again, with *no* MARK specified), I see the > priorities values set *exactly* as specified in tcclassess/tcfilters > - this has all being tested with Beta3, as well as the newly-released > RC1 - the end result is the same as far as priorities go, with the > exception of automatic priority numbering (1-X) in RC1 in all "tc > filter add" statements if I do not specify any priority value in > tcfilters, which is to be expected really. > > So, for avoidance of any doubt and to stop us going round circles I > am attaching a couple of files: I understand how the product works; I may be old but I'm not senile. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Got visibility? Most devs has no idea what their production app looks like. Find out how fast your code is with AppDynamics Lite. http://ad.doubleclick.net/clk;262219671;13503038;y? http://info.appdynamics.com/FreeJavaPerformanceDownload.html _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
