lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Thu, 24 May 2012 06:04:38 -0400
From:	Jamal Hadi Salim <>
Subject: Re: tc filter u32 match

On Tue, 2012-05-22 at 15:42 +0200, Nieścierowicz Adam wrote:
> Hello,
> I'm in the process of building a new shaper, when adding support for 
> 802.1q
> vlan noticed that u32 can catch network traffic without giving 4 bytes
> offset. How is this possible?

Because we look at where the network header starts?
Why do you expect 4 bytes to be counted? 

> My environment:
> eth2 - network card
> eth2.200 - vlan
> /sbin/tc filter add dev eth2 parent 1:0 prio 5 handle 35: protocol ip 
> u32 divisor 256
> /sbin/tc filter add dev eth2 protocol ip parent 1:0 prio 5 u32 ht 800:: 
> match ip dst hashkey mask 0x000000ff at 16 link 35:
> /sbin/tc filter add dev eth2 protocol ip parent 1: prio 1 u32 ht 35:24: 
> match ip dst flowid 1:2e5
> Here you can see the hits in the rule
> filter parent 1: protocol ip pref 5 u32 fh 35:24:800 order 2048 key ht 
> 35 bkt 24 flowid 1:2e5  (rule hit 44037 success 44037)
>    match 1f29d024/ffffffff at 16 (success 44037 )

I dont see an issue. This looks correct.

> I found a similar question here 

There may have been bugs in the past that someone missed or didnt
report here (likely around the time there was a lot of changes
happening with vlan offloading). Try the latest kernel and 
if it behaves badly, send a report and a reproducible test case.


To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists