Linux - filtering commands

Posted in How To's by Shafkat Shahzad, M.Sc on February 27th, 2010

Welcome to the tutorial guide. The guide will provide a user with advice and guidance on filtering commands. Please note that most of the commands presented in this guide will start with this preamble:
# tc filter add dev eth0 parent 1:0 protocol ip prio 1 u32 ..
These are the so-called 'u32' matches, which can match on ANY part of a packet.
On source/destination address
Source mask 'match ip src 1.2.3.0/24', destination mask 'match ip dst 4.3.2.0/24'. To match a single host, use /32, or omit the mask.
On source/destination port, all IP protocols
Source: 'match ip sport 80 0xffff', destination: 'match ip dport 80 0xffff'
On ip protocol (tcp, udp, icmp, gre, ipsec)
Use the numbers from /etc/protocols, for example, icmp is 1: 'match ip protocol 1 0xff'.
On fwmark
A user can mark packets with either ipchains or iptables and have that mark survive routing across interfaces. This is really useful to, for example, shape only the traffic on eth1 that came in on eth0. Syntax:
# tc filter add dev eth1 protocol ip parent 1:0 prio 1 handle 6 fw flowid 1:1
Note that this is not a u32 match!
A user can place a mark like this:
# iptables -A PREROUTING -t mangle -i eth0 -j MARK --set-mark 6
The number 6 is arbitrary.
If a user is not interested in understanding the full tc filter syntax, just use iptables and only learn how to select on fwmark.
On the TOS field
To select interactive, minimum delay traffic:
# tc filter add dev ppp0 parent 1:0 protocol ip prio 10 u32 \
match ip tos 0x10 0xff \
flowid 1:4
Use 0x08 0xff for bulk traffic.
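The fwmark and TOS filters above, wrapped in a script that validates its inputs and defaults to a dry run so the generated commands can be reviewed before being applied as root. This is an added example, not code from the original post; the device names (eth0, eth1, ppp0), the classes 1:1 and 1:4 and the mark value 6 are the post's own assumptions.

```shell
#!/bin/sh
# Added example: builds the fwmark and TOS filters described in the post.
# TC_DRY_RUN=1 (the default) prints each command; TC_DRY_RUN=0 executes it
# (requires root and an existing qdisc with parent 1:0 on the device).
: "${TC_DRY_RUN:=1}"

run() {
    if [ "$TC_DRY_RUN" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# A fwmark is an unsigned 32-bit value; 0 means "unmarked", so reject it too.
valid_mark() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 4294967295 ]
}

# Mark packets entering device $1 with fwmark $2 (mangle/PREROUTING, as in the post).
mark_ingress() {
    valid_mark "$2" || { echo "mark_ingress: invalid fwmark '$2'" >&2; return 1; }
    run iptables -t mangle -A PREROUTING -i "$1" -j MARK --set-mark "$2"
}

# On egress device $1, steer packets carrying fwmark $2 into class $3.
# This uses the 'fw' classifier, not a u32 match.
shape_by_mark() {
    valid_mark "$2" || { echo "shape_by_mark: invalid fwmark '$2'" >&2; return 1; }
    run tc filter add dev "$1" parent 1:0 protocol ip prio 1 handle "$2" fw flowid "$3"
}

# u32 match on the TOS byte of device $1: value $2 (0x10 minimum delay,
# 0x08 bulk) into class $3. Only a single hex byte is accepted.
shape_by_tos() {
    case "$2" in
        0x[0-9a-fA-F]|0x[0-9a-fA-F][0-9a-fA-F]) ;;
        *) echo "shape_by_tos: TOS must be one hex byte, got '$2'" >&2; return 1 ;;
    esac
    run tc filter add dev "$1" parent 1:0 protocol ip prio 10 u32 match ip tos "$2" 0xff flowid "$3"
}

# The post's setup: mark on eth0, shape the marked traffic on eth1 into 1:1,
# and send minimum-delay traffic on ppp0 into 1:4.
mark_ingress eth0 6
shape_by_mark eth1 6 1:1
shape_by_tos ppp0 0x10 1:4
```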

If you followed the advice and guidance provided in this tutorial guide, you will have learnt about filtering commands.
