From a6321c174e2a3df2726824a977a1ce2aa0488a8f Mon Sep 17 00:00:00 2001 From: Faiyaz Ahmed Date: Fri, 25 Jul 2008 15:43:12 +0000 Subject: [PATCH] I2 htb marking rule for nodes on i2. --- PlanetLabConf/iptables-Internet2 | 38 ++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 PlanetLabConf/iptables-Internet2 diff --git a/PlanetLabConf/iptables-Internet2 b/PlanetLabConf/iptables-Internet2 new file mode 100644 index 0000000..7594543 --- /dev/null +++ b/PlanetLabConf/iptables-Internet2 @@ -0,0 +1,38 @@ +# Iptables rules for Internet2 (exempt) nodes. Nodes sending traffic to any of the IPs +# in the Internet2 ipset (hash) will end up the the slice's exempt queue. This supersedes the default config that lives in svn/iptables/planetlab-config +# +# $Id$ +# +# Generated by iptables-save v1.3.8 on Fri Jul 25 15:09:03 2008 +*nat +:PREROUTING ACCEPT [0:0] +:POSTROUTING ACCEPT [0:0] +:OUTPUT ACCEPT [0:0] +COMMIT +# Completed on Fri Jul 25 15:09:03 2008 +# Generated by iptables-save v1.3.8 on Fri Jul 25 15:09:03 2008 +*filter +:INPUT ACCEPT [0:0] +:FORWARD ACCEPT [0:0] +:OUTPUT ACCEPT [0:0] +:BLACKLIST - [0:0] +:LOGDROP - [0:0] +-A OUTPUT -j BLACKLIST +-A OUTPUT -o eth0 -j ULOG --ulog-cprange 54 --ulog-qthreshold 16 +-A LOGDROP -j LOG +-A LOGDROP -j DROP +COMMIT +# Completed on Fri Jul 25 15:09:03 2008 +# Generated by iptables-save v1.3.8 on Fri Jul 25 15:09:03 2008 +*mangle +:PREROUTING ACCEPT [0:0] +:INPUT ACCEPT [0:0] +:FORWARD ACCEPT [0:0] +:OUTPUT ACCEPT [0:0] +:POSTROUTING ACCEPT [0:0] +-A INPUT -i ! lo -j MARK 0x0 +-A POSTROUTING -j MARK 0x0 +-A POSTROUTING -j CLASSIFY --set-class 0001:1000 +-A POSTROUTING -m set --set Internet2 dst -j CLASSIFY --set-class 0001:2000 +COMMIT +# Completed on Fri Jul 25 15:09:03 2008 -- 2.43.0