- bookworm-backports 6.12.0-1~bpo12+1
- testing 6.12.0-1
- unstable 6.13.0-1
Generic actions in tc(8) | Linux | Generic actions in tc(8) |
NAME¶
gact - generic action
SYNOPSIS¶
tc ... action gact CONTROL [ RAND ] [
INDEX ] CONTROL := { reclassify | drop |
continue | pass | pipe |
goto chain CHAIN_INDEX |
jump JUMP_COUNT }
RAND := random RANDTYPE CONTROL VAL RANDTYPE := { netrand | determ } VAL := number not exceeding 10000 JUMP_COUNT := absolute jump from start of action list INDEX := index value used
DESCRIPTION¶
The gact action allows reclassify, dropping, passing, or accepting packets. At the moment there are only two algorithms. One is deterministic and the other uses internal kernel netrand.
OPTIONS¶
- random RANDTYPE CONTROL VAL
- The probability of taking the action expressed in terms of 1 out of VAL packets.
- CONTROL
- Indicate how tc should proceed if the packet matches. For a description of the possible CONTROL values, see tc-actions(8).
EXAMPLES¶
Apply a rule on ingress to drop packets from a given source address.
# tc filter add dev eth0 parent ffff: protocol ip prio 6 u32 match ip src 10.0.0.9/32 flowid 1:16 action drop
Allow 1 out 10 packets from source randomly using the netrand generator
# tc filter add dev eth0 parent ffff: protocol ip prio 6 u32 match ip src 10.0.0.9/32 flowid 1:16 action drop random netrand ok 10
Deterministically accept every second packet
# tc filter add dev eth0 parent ffff: protocol ip prio 6 u32 match ip src 10.0.0.9/32 flowid 1:16 action drop random determ ok 2
SEE ALSO¶
11 Jan 2023 | iproute2 |