#43 AS as MARK / CLASS / number from target arguments

git version
Patch (10)

This patch enables to use -j NETFLOW arguments:
--netflow-class | --netflow-fwmark | --netflow-secmark with extra argument src dst or full
What this does is: stores TC QDISC and/or CLASS OR FWMARK OR Secmark to specified location
SRC stores upper part of specified field to as_src (or qdisc / upper 16bits of fwmark / secmark)
DST stores lower part of specified field to as_dst (or class / lower 16bits of fwmark / secmark)
FULL is the same as SRC + DST

--netflow-src-as <number> can be used to store some STATIC number as as_src
--netflow-dst-as <number> same as above, but for as_dst
Fields can be used concurrently, as long as the same AS field is not used twice

This patch has one more option, but it is not supported now: --netflow-collector (specify EXTRA collectors from within target)

Status: works for me ( Linux 2.6.35, Iptables 1.4.8 (GIT) )


  • ABC

    ABC - 2010-08-04


  • Giedrius Liubavičius

    Cleaned up print function (for iptables -nvL human-readable output)
    added libipt_NETFLOW.h for internal structure

    Status: nice and smooth on backbone (Linux 2.6.35, iptables 1.4.8) for ~500Mbit traffic line

  • Comment has been marked as spam. 

    You can see all pending comments posted by this user  here

    Anonymous - 2011-05-14

    Any news?

  • ABC

    ABC - 2011-05-16

    Don't know news from the author of the patch.

  • ABC

    ABC - 2013-10-14
  • ABC

    ABC - 2013-10-14

    BTW, you can assign AS numbers into routing realms field, which is designed nearly for this. There is even quagga/zebra patches who can set realm automatically to AS value. Then module just needs to set src/dst AS from routing realm field (which is tclassid, enabled when kernel compiled with CONFIG_NET_CLS_ROUTE). Google for: quagga realm patch

    For example http://lists.quagga.net/pipermail/quagga-dev/2005-March/002946.html


Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.

No, thanks