[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Full TOS field Netfilter Module




As I hinted in one of the emails discussing the ingres queue I have a
cheap hack using NetFilter to set the TOS field of a packet. I cleaned it
up a bit so it will use the Patch-O-Matic. 

Basically you untar it in the /usr/src/netfilter/ directory then change
into userspace and make patch-o-matic. Select the ftos patch.

What this does is provides a new target called FTOS that takes an
argument.

iptables -t mangle -A PREROUTING { selections } -j FTOS --set-ftos <value>

Where <value> is a number from 0-255 decimal or 0x0 - oxff hex

This value is then placed into the TOS field within the packet. Then you
can use ip rule or egress to take action on the packet from there.

You can also set this to use the OUTPUT chain thus setting the TOS field
on output from localhost.

Note that this makes no attempt to check on the current value of the TOS
field or to split the field up into DiffServ etc. It just sets the field
to the value you put on the command line.

BTW - it makes a great testing utility for sending packets with known TOS
values...

HTH!

--------------------------------------------------
Matthew G. Marsh,  President
Paktronix Systems LLC
1506 North 59th Street
Omaha  NE  68104
Phone: (402) 932-7250
Email: mgm@paktronix.com
WWW:  http://www.paktronix.com
--------------------------------------------------


FTOS.tar.gz