Defining Filters
You create filters to identify packet flows as members of a particular class. Each
filter contains selectors, which define the criteria for evaluating a packet flow. The IPQoS-enabled
system uses the criteria in the selectors to extract packets from a traffic flow. The IPQoS system
then associates the packets with a class. For an introduction to filters, see IPQoS Filters on page 16.
Use only as many selectors as you need to extract packets for a class. The more selectors that
you define, the greater the impact on IPQoS performance.
The following table lists
the most commonly used selectors. The first five selectors represent
the IPQoS 5-tuple, which the IPQoS system uses to identify packets
as members of a flow. For a complete list of selectors, see Table 6–1.
Table 2-2 Common IPQoS Selectors
|
|
saddr
|
Source address.
|
daddr
|
Destination address.
|
sport
|
Source port number. You can use a well-known port number, as defined in
/etc/services, or a user-defined port number.
|
dport
|
Destination port number.
|
protocol
|
IP protocol number or protocol name that is assigned to the traffic flow type in
/etc/protocols.
|
ip_version
|
Addressing style to use, either IPv4 (the default) or IPv6.
|
dsfield
|
Contents of the DS field, that is, the DSCP. Use this selector for extracting incoming packets
that are already marked with a particular DSCP.
|
priority
|
|
user
|
Either the UNIX user ID or the user name that is used when the upper-level application is
executed.
|
projid
|
Project ID that is used when the upper-level application is executed.
|
direction
|
Direction of traffic flow. Acceptable values are either LOCAL_IN,
LOCAL_OUT, FWD_IN, or FWD_OUT.
|
|