man: tc-u32: Fix page to match new firstfrag behavior
Commit690b11f4a6("tc: u32: Fix firstfrag filter.") applied in 2012 changed the "ip firstfrag" selector to not match non-fragmented packets anymore. However, the documentation added inf15a23966f("tc: add a man page for u32 filter") in 2015 includes an example that relies on the previous behavior (non-fragmented packet counted as first fragment). Due to this, the example does not work correctly and does not actually classify regular SSH packets. Modify the example to use a raw u16 selector on the fragment offset to make it work, and also make the firstfrag description more clear about the current behavior. Fixes:f15a23966f("tc: add a man page for u32 filter") Signed-off-by: Anssi Hannula <anssi.hannula@bitwise.fi> Cc: Phil Sutter <phil@nwl.cc> Cc: Hiroaki SHIMODA <shimoda.hiroaki@gmail.com> Acked-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
This commit is contained in:
parent
af96c7b5dd
commit
a787d9ae10
|
|
@ -427,7 +427,7 @@ Also minimal header size for IPv4 and lack of IPv6 extension headers is assumed.
|
||||||
IPv4 only, check certain flags and fragment offset values. Match if the packet
|
IPv4 only, check certain flags and fragment offset values. Match if the packet
|
||||||
is not a fragment
|
is not a fragment
|
||||||
.RB ( nofrag ),
|
.RB ( nofrag ),
|
||||||
the first fragment
|
the first fragment of a fragmented packet
|
||||||
.RB ( firstfrag ),
|
.RB ( firstfrag ),
|
||||||
if Don't Fragment
|
if Don't Fragment
|
||||||
.RB ( df )
|
.RB ( df )
|
||||||
|
|
@ -644,7 +644,7 @@ tc filter add dev eth0 parent 1:0 protocol ip \\
|
||||||
tc filter add dev eth0 parent 1:0 protocol ip \\
|
tc filter add dev eth0 parent 1:0 protocol ip \\
|
||||||
u32 ht 800: \\
|
u32 ht 800: \\
|
||||||
match ip protocol 6 FF \\
|
match ip protocol 6 FF \\
|
||||||
match ip firstfrag \\
|
match u16 0 1fff at 6 \\
|
||||||
offset at 0 mask 0f00 shift 6 \\
|
offset at 0 mask 0f00 shift 6 \\
|
||||||
link 1:
|
link 1:
|
||||||
.EE
|
.EE
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue