diff options
author | Hans Schillstrom <hans.schillstrom@ericsson.com> | 2012-04-23 03:35:28 +0000 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2012-07-14 15:47:30 +0200 |
commit | 4df8cb6ab176f3c1f2bf9498d0abde8d9362087b (patch) | |
tree | 6e8b6addf20992f239d1163d9d52d3caf0467eb4 /extensions/libxt_SECMARK.man | |
parent | a96166c24eaac1c91bed4815c09e91733409d888 (diff) |
extensions: add HMARK target
The target allows you to set mark packets based Jenkins' hash calculation:
h(t, rnd) = x
mark = (x % mod) + offset
where:
* t is a tuple that is used for the hashing:
t = [ src, dst, proto, sport, dport ]
Note that you can customize the tuple, thus, removing some component
that you don't want to use for the calculation. You can also use spi
instead of sport and dport, btw.
* rnd is the random seed that is explicitly passed via --hmark-rnd
* mod is the modulus, to determine the range of possible marks
* offset determines where the mark starts from
This target only works for the "raw" and "mangle" tables.
This can be used to distribute flows between a cluster of
systems and uplinks.
Initially based on work from Hans Schillingstrom. Pablo took it
over and introduced several improvements.
Signed-off-by: Hans Schillstrom <hans.schillstrom@ericsson.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'extensions/libxt_SECMARK.man')
0 files changed, 0 insertions, 0 deletions