I have a very specific questions about Linux Traffic control and u32 filters in particular. However, I don’t know where the right place is to ask such a question as it’s fairly niche.

The Linux Advanced Routing & Traffic Control site says it has a mailing list for questions, but the last post was from 2019. There is also the incredibly busy ‘linux-netdev’ mailing list, but, the traffic there looks like strictly source changes.

Any ideas?

The question I’m trying to find an answer to is: The u32 tc filter seems to support negative byte offsets which allows you to examine the Ethernet frame header (I don’t think I even found documentation on this, this is thanks to ChatGPT). However, when using u32 values to examine 8 bytes I can only use offsets in increments of 4 - like “at -8” or “at -12”, with any other increment giving me the error Illegal "match".

This seems like only a curiosity, but, I’ve been struggling to get my bit-matching to match the way I expect, and I’m wondering if this suggests that matching doesn’t function the way I think.

  • Ephera@lemmy.ml
    link
    fedilink
    arrow-up
    8
    ·
    11 months ago

    I don’t think posting to the linux-netdev mailing list is a terrible idea. For example, here’s someone who did post a question: https://marc.info/?l=linux-netdev&m=170628444014400&w=2

    But well, you might also be running into a bug or something that could potentially be exploited, or maybe just into a lack of documentation (which is also a bug). Either way, some devs might be interested in knowing about this.