Rozdíly

Zde můžete vidět rozdíly mezi vybranou verzí a aktuální verzí dané stránky.

--- howto:network:nftables [2018/11/28 21:55] – vytvořeno harvie
+++ howto:network:nftables [2018/11/28 23:08] (aktuální) – harvie
@@ Řádek 2: / Řádek 2: @@
 ===== Traffic Shaping with nftables and tc =====
+Using shell commands:
+<code bash>
+nft add table ip filter
+nft add map filter deucalion { type ipv4_addr : classid\; }
+</code>
+Using nftables file:
 <file ini deucalion.nft>
+table ip filter {
 	map deucalion {
 		type ipv4_addr : classid;
@@ Řádek 14: / Řádek 24: @@
 		meta priority set ip daddr map @deucalion;
 	}
+}
+</file>
+==== Patch ====
+This patch is already merged upstream (as of 2018 Archlinux and Ubuntu have it, Debian not yet!):
+  * https://www.spinics.net/lists/netfilter/msg57694.html
+  * https://www.spinics.net/lists/netfilter/threads.html#57694
+You need it if nft shows this error:
+<code>
+<cmdline>:1:45-51: Error: syntax error, unexpected classid, expecting string or dscp or ecn or mark
+add map filter deucalion { type ipv4_addr : classid; }
+                                            ^^^^^^^
+<cmdline>:1:26-52: Error: map definition does not specify key data type
+add map filter deucalion { type ipv4_addr : classid; }
+                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^
+</code>
+<file diff nft-classid.patch>
+parser: allow classid as set key
+From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
+Allow TC classid as set key.
+Signed-off-by: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx>
+---
+ src/parser_bison.y |    1 +
+file changed, 1 insertion(+)
+diff --git a/src/parser_bison.y b/src/parser_bison.y
+index 7016f5b..2918875 100644
+--- a/src/parser_bison.y
++++ b/src/parser_bison.y
+@@ -1545,6 +1545,7 @@ type_identifier		:	STRING	{ $$ = $1; }
+ 			|	MARK	{ $$ = xstrdup("mark"); }
+ 			|	DSCP	{ $$ = xstrdup("dscp"); }
+ 			|	ECN	{ $$ = xstrdup("ecn"); }
++			|	CLASSID { $$ = xstrdup("classid"); }
+ 			;
+ hook_spec		:	TYPE		STRING		HOOK		STRING		dev_spec	PRIORITY	prio_spec
 </file>