Hi, I note that in tcrules, RESTORE applies a default mask of 0xFFFF in
the case of running the equiv of WIDE_TC_MARKS=Yes, HIGH_ROUTE_MARKS=Yes
However, if you try RESTORE/MASK it's clipped at TC_BITS (so 0x3FFF in
this case). I think this also applies to SAVE.
Seems inconsistent (you can't specify such a large mask as the default,
when you try it manually).
I wonder though if we actually need limit the range for SAVE/RESTORE at
all? It protects against saving or restoring route mark bits, but is
that necessary? Perhaps if TC_EXPERT is set then there could be no
limit on the mask used for SAVE/RESTORE? Comments?
Not even sure why this is even worth mentioning, but:
/usr/share/shorewall/Shorewall/Chains.pm: fatal_error "Mark value
($mark) too large" if numeric_value( $mark ) > $globals{TC_MAX};
/usr/share/shorewall/Shorewall/Tc.pm: fatal_error "Invalid Mark
($mark)" unless $markval <= $globals{TC_MAX};
The code police might comment on the varying ways of expressing the same
test (but not me...)
Many thanks
Ed W
------------------------------------------------------------------------------
For Developers, A Lot Can Happen In A Second.
Boundary is the first to Know...and Tell You.
Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
http://p.sf.net/sfu/Boundary-d2dvs2
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
