diff options
| author | np <np@FreeBSD.org> | 2010-05-05 00:41:40 +0000 |
|---|---|---|
| committer | np <np@FreeBSD.org> | 2010-05-05 00:41:40 +0000 |
| commit | 30b63b91fa4784d0199bd0f95c61f2b6acaf8603 (patch) | |
| tree | 37c51f889d113eab95a33d0a4d79dbf073816626 /sys/dev/agp | |
| parent | 4045471dea00b4adc8b2213b9418074861e3c4c3 (diff) | |
| download | FreeBSD-src-30b63b91fa4784d0199bd0f95c61f2b6acaf8603.zip FreeBSD-src-30b63b91fa4784d0199bd0f95c61f2b6acaf8603.tar.gz | |
Add support for hardware filters to cxgb(4). The T3 chip can inspect
L2/3/4 headers and can drop or steer packets as instructed. Filtering
based on src ip, dst ip, src port, dst port, 802.1q, udp/tcp, and mac
addr is possible. Add support in cxgbtool to program these filters.
Some simple examples:
Drop all tcp/80 traffic coming from the subnet specified.
# cxgbtool cxgb2 filter 0 sip 192.168.1.0/24 dport 80 type tcp action drop
Steer all incoming UDP traffic to qset 0.
# cxgbtool cxgb2 filter 1 type udp queue 0 action pass
Steer all tcp traffic from 192.168.1.1 to qset 1.
# cxgbtool cxgb2 filter 2 sip 192.168.1.1 type tcp queue 1 action pass
Drop fragments.
# cxgbtool cxgb2 filter 3 type frag action drop
List all filters.
# cxgbtool cxgb2 filter list
index SIP DIP sport dport VLAN PRI P/MAC type Q
0 192.168.1.0/24 0.0.0.0 * 80 0 0/1 */* tcp -
1 0.0.0.0/0 0.0.0.0 * * 0 0/1 */* udp 0
2 192.168.1.1/32 0.0.0.0 * * 0 0/1 */* tcp 1
3 0.0.0.0/0 0.0.0.0 * * 0 0/1 */* frag -
16367 0.0.0.0/0 0.0.0.0 * * 0 0/1 */* * *
MFC after: 2 weeks
Diffstat (limited to 'sys/dev/agp')
0 files changed, 0 insertions, 0 deletions
