Thomas, Thanks for the detailed response. Thought my mail was long forgotten :)
I am happy to know that there is a way of achieving http level packet classification once the connection tracking is also in place. We can even think of other string combinations for url based classification, not just what I mentioned in my earlier mail. All said done, since most of the traffic is anyway dominated by http, I feel it is worth providing differentation among the competing web flows. No ? Regards Anand On 8/7/05, Thomas Graf <[EMAIL PROTECTED]> wrote: > * Anand SVR <[EMAIL PROTECTED]> 2005-07-27 23:17 > > As a starting point, I would like to define classification rules such > > that web access to > > *.edu OR *.net OR *.org can be put under one bandwidth chunk. Public > > mail sites such as *.yahoo.com OR gmail.com OR *hotmail.com under a > > different chunk. The rest goes to default chunk, and so on. If any one > > category is not using its bandwidth share, others should be able to > > borrow the bandwidth. Of course smtp and other kinds of traffic will > > be given their quota. > > > > Can I do the above kind of classification, and subsequently bandwidth > > allocation based on text based wildcard with logical operators such as > > above using any of the existing options available under Linux ? Am I > > asking for a moon ? :) > > You can probably achieve this by using iptables to either mark > or classify the packets. Another possible route is to use the > new textsearch ematch although it's probably more efficient to > write an own ematch for this partially parsing the HTTP header. > The problem there is that the connection tracking part is still > missing but that will be added soon. So basically your filter > would look like: > > u32 classifier dport 80 > ematch conntrack_get(full tuple) > AND ematch http(edu) > OR ematch http(net) > OR ematch http(org) > action conntrack_put(full tuple) > > This would be just one out of various possible solutions to > address the above problem. I'll let you know once we have the > conntrack bits in the packet classification layer. > - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
