[LARTC] U32 port matching trouble
Jörg Lübbert
j.luebbert@kaladix.org
Fri Feb 4 21:15:30 CET 2005
Walter Karshat wrote:
> A filter specification of
> 'match ip dport 0x6980 0xFFC0'
> will match a range of 27008 (0x6980) to 27071
> (0x69BF).
Just like I thought... Unfortunately this does not work for me :-(
tc filter add prio 1 dev ppp1 parent 2:0 protocol ip u32 match ip dst
0.0.0.0/0 match ip protocol 17 0xff match ip dport 0x6987 0xFFD2 flowid 2:4
Whereas this works:
tc filter add prio 1 dev ppp1 parent 2:0 protocol ip u32 match ip dst
0.0.0.0/0 match ip protocol 17 0xff match ip dport 0x6987 0xFFFF flowid 2:4
tc filter add prio 1 dev ppp1 parent 2:0 protocol ip u32 match ip dst
0.0.0.0/0 match ip protocol 17 0xff match ip dport 0x6988 0xFFFF flowid 2:4
.
.
.
tc filter add prio 1 dev ppp1 parent 2:0 protocol ip u32 match ip dst
0.0.0.0/0 match ip protocol 17 0xff match ip dport 0x69AA 0xFFFF flowid 2:4
But mostlikely comes at the cost of huge overhead.
> Are you certain you need to go all the way to 27050
> with your Half-Life server?
Yes, because there are enough internet servers not running within the
standard range of 27015 - 27020 but up to 40 or 50 (and of course some
non standard ports that I cannot take care of).
Thanks again,
- Jörg
More information about the LARTC
mailing list