Linux - Networking
This forum is for any issue related to networks or networking. Routing, network cards, OSI, etc. Anything is fair game.
Depends on the program you use for filtering and the type of filtering you use.
If you're using blacklist filtering then any packets which do not match any filters are allowed.
If you're using whitelist filtering then any packets which do not match any filters are blocked.
Whitelist is more secure and usually preferred on intranet traffic. For internet traffic, blacklisting is usually used, considering the mass of information.
Does this answer your question? If not, you'll have to provide more information.
I was able to get my traffic control working and saw that traffic that is not specified by a filter does indeed go through. The question I have now is how can I delete a filter without affecting the other filters. Here are the commands I used to initially create the qdiscs, classes, and filters:
/root/tc qdisc add dev eth0 root handle 2 htb default 1
/root/tc class add dev eth0 parent 2: classid 2:6 htb rate 12Mbit
Connection #1
/root/tc class add dev eth0 parent 2:6 classid 2:100 htb rate 350Kbit
/root/tc qdisc add dev eth0 parent 2:100 sfq
/root/tc filter add dev eth0 parent 2: protocol ip pref 1 u32 match ip src 10.175.1.2 match ip dst 10.174.100.101 match ip sport 32867 0xffff match ip dport 5111 0xffff match ip protocol 17 0xff classid 2:100
Connection #2
/root/tc class add dev eth0 parent 2:6 classid 2:101 htb rate 550Kbit
/root/tc qdisc add dev eth0 parent 2:101 sfq
/root/tc filter add dev eth0 parent 2: protocol ip pref 1 u32 match ip src 10.175.1.2 match ip dst 10.174.100.101 match ip sport 32866 0xffff match ip dport 5222 0xffff match ip protocol 17 0xff classid 2:101
After a connection is destroyed, I want to delete the filter for that connection. Say Connection #1 is destroyed first. If I run:
/root/tc filter del dev eth0 parent 2: protocol ip pref 1 u32 match ip src 10.175.1.2 match ip dst 10.174.100.101 match ip sport 32867 0xffff match ip dport 5111 0xffff match ip protocol 17 0xff classid 2:100
BOTH filters get deleted. How can I delete a single filter without deleting other filters? I want to use classid 2:101 for another connection after Connection #1 is destroyed.
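Added example, not part of the original thread: each u32 filter gets its own handle (the `fh` value in `tc filter show`), and passing that handle to `tc filter del` removes only that filter, whereas a delete that names only the pref removes every filter at that pref. The function names and the sample listing below are constructed for illustration, and the sketch calls `tc` from PATH rather than the `/root/tc` used in the post.

```shell
#!/bin/sh
# Constructed sample of `tc filter show dev eth0 parent 2:` for the two filters
# in the post. Layout is an assumption and can differ between iproute2 versions.
sample_filter_show() {
cat <<'EOF'
filter parent 2: protocol ip pref 1 u32
filter parent 2: protocol ip pref 1 u32 fh 800: ht divisor 1
filter parent 2: protocol ip pref 1 u32 fh 800::800 order 2048 key ht 800 bkt 0 flowid 2:100
  match 0aaf0102/ffffffff at 12
  match 0aae6465/ffffffff at 16
filter parent 2: protocol ip pref 1 u32 fh 800::801 order 2049 key ht 800 bkt 0 flowid 2:101
  match 0aaf0102/ffffffff at 12
  match 0aae6465/ffffffff at 16
EOF
}

# Read `tc filter show` output on stdin; print the handle (fh) of the one
# filter whose flowid is $1. Fails if zero or several filters match.
handle_for_flowid() {
    awk -v want="$1" '
        $1 == "filter" {
            fh = ""; flow = ""
            for (i = 2; i < NF; i++) {
                if ($i == "fh")     fh = $(i + 1)
                if ($i == "flowid") flow = $(i + 1)
            }
            if (fh != "" && flow == want) { n++; found = fh }
        }
        END { if (n != 1) exit 1; print found }'
}

# Hypothetical helper: print (not run) the delete command for a single filter.
# Usage: ... | del_cmd_for_flowid DEV PARENT PREF FLOWID
del_cmd_for_flowid() {
    h=$(handle_for_flowid "$4") || {
        echo "no unique filter for flowid $4" >&2
        return 1
    }
    printf 'tc filter del dev %s parent %s protocol ip pref %s handle %s u32\n' \
        "$1" "$2" "$3" "$h"
}

# Demo on the constructed sample. On a live system, feed it
# `tc filter show dev eth0 parent 2:` instead.
sample_filter_show | del_cmd_for_flowid eth0 2: 1 2:100
```

Giving each connection's filter its own pref when adding it is the other common approach, since a delete by pref then touches only that one filter.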