Eric Hidle on 17 Feb 2006 15:39:35 -0000



[PLUG] ebtables and tcp flags


I'm trying to figure out a way that I can match ebtables rules on TCP flags. As of now, there's nothing in the documentation that says it's possible, so I'm looking for an alternative. All I really need to do is set a mark on SYN packets so that they can be throttled by the rate limiter I have set up. This can also be done by iptables in the prerouting chain of the mangle table, but this chain doesn't seem to be traversed in my setup.

Here's my basic setup:
eth0 and eth1 form the bridge br0
eth0 inputs are classified into two queues using tc and the cbq algorithm
packets set to mark 2 are not throttled and packets set to mark 1 are throttled to 100kbits/s


In a fit of strangeness, logging all packets that traverse the mangle table prerouting chain shows that all of the UDP traffic input to the bridge port traverses this chain, but TCP or ICMP traffic does not.

Any clues out there?
E

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug