[Shorewall-users] Startup error with more than 9 entries in tcinterfaces

Sun, 05 Jun 2016 14:49:25 -0700 

Hey.

We are currently experimenting with TC_ENABLED=Simple and it seems that 
when we add more than 9 interfaces to tcinterfaces, shorewall fails to 
start.
It does not matter in which order the interfaces are listed or if they 
are "external" or "internal" (only the first two fields are set), I 
always get (from "shorewall trace start"):

     + setup_br166_tc
     + interface_is_up br166
     + ip -4 link list dev br166
     + grep -e [<,]UP[,>]
     + [ -n 43: br166: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc 
noqueue state UP mode DEFAULT group default  ]
     + qt tc qdisc del dev br166 root
     + tc qdisc del dev br166 root
     + qt tc qdisc del dev br166 ingress
     + tc qdisc del dev br166 ingress
     + run_tc qdisc add dev br166 root handle a: prio bands 3 priomap 1 2 
2 2 1 2 0 0 1 1 1 1 1 1 1 1
     + tc qdisc add dev br166 root handle a: prio bands 3 priomap 1 2 2 2 
1 2 0 0 1 1 1 1 1 1 1 1
     + run_tc qdisc add dev br166 parent a:1 handle a1: sfq quantum 1875 
limit 127 perturb 10
     + tc qdisc add dev br166 parent a:1 handle a1: sfq quantum 1875 
limit 127 perturb 10
     + run_tc filter add dev br166 protocol all prio 17 parent a: handle 
1 fw classid a:1
     + tc filter add dev br166 protocol all prio 17 parent a: handle 1 fw 
classid a:1
     + run_tc filter add dev br166 protocol all prio 1 parent a1: handle 
a1 flow hash keys dst divisor 1024
     + tc filter add dev br166 protocol all prio 1 parent a1: handle a1 
flow hash keys dst divisor 1024
     Illegal "handle"
     + error_message ERROR: Command "tc filter add dev br166 protocol all 
prio 1 parent a1: handle a1 flow hash keys dst divisor 1024" Failed
     + echo    ERROR: Command "tc filter add dev br166 protocol all prio 
1 parent a1: handle a1 flow hash keys dst divisor 1024" Failed
        ERROR: Command "tc filter add dev br166 protocol all prio 1 
parent a1: handle a1 flow hash keys dst divisor 1024" Failed

This is running shorewall 4.6.4.3-2 from Debian jessie.


Best regards
felix

------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to