|
 |
049c96 |
From 5479cdfe6cede09f61a3bf890d55dab651669a13 Mon Sep 17 00:00:00 2001
|
|
|
049c96 |
From: Phil Sutter <psutter@redhat.com>
|
|
|
049c96 |
Date: Thu, 18 Feb 2016 15:45:21 +0100
|
|
|
049c96 |
Subject: [PATCH] tc: add a man page for cgroup filter
|
|
|
049c96 |
|
|
|
049c96 |
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1286711
|
|
|
049c96 |
Upstream Status: iproute2.git commit 5774f09ee8c6d
|
|
|
049c96 |
|
|
|
049c96 |
commit 5774f09ee8c6d36c34986bacea423b5b4dd1cb48
|
|
|
049c96 |
Author: Phil Sutter <phil@nwl.cc>
|
|
|
049c96 |
Date: Fri Oct 23 19:47:09 2015 +0200
|
|
|
049c96 |
|
|
|
049c96 |
tc: add a man page for cgroup filter
|
|
|
049c96 |
|
|
|
049c96 |
Cc: Thomas Graf <tgraf@suug.ch>
|
|
|
049c96 |
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
|
049c96 |
---
|
|
|
049c96 |
man/man8/tc-cgroup.8 | 80 ++++++++++++++++++++++++++++++++++++++++++++++++++++
|
|
|
049c96 |
1 file changed, 80 insertions(+)
|
|
|
049c96 |
create mode 100644 man/man8/tc-cgroup.8
|
|
|
049c96 |
|
|
|
049c96 |
diff --git a/man/man8/tc-cgroup.8 b/man/man8/tc-cgroup.8
|
|
|
049c96 |
new file mode 100644
|
|
|
049c96 |
index 0000000..2bea7d4
|
|
|
049c96 |
--- /dev/null
|
|
|
049c96 |
+++ b/man/man8/tc-cgroup.8
|
|
|
049c96 |
@@ -0,0 +1,80 @@
|
|
|
049c96 |
+.TH "Cgroup classifier in tc" 8 " 21 Oct 2015" "iproute2" "Linux"
|
|
|
049c96 |
+
|
|
|
049c96 |
+.SH NAME
|
|
|
049c96 |
+cgroup \- control group based traffic control filter
|
|
|
049c96 |
+.SH SYNOPSIS
|
|
|
049c96 |
+.in +8
|
|
|
049c96 |
+.ti -8
|
|
|
049c96 |
+.BR tc " " filter " ... " cgroup " [ " match
|
|
|
049c96 |
+.IR EMATCH_TREE " ] [ "
|
|
|
049c96 |
+.B action
|
|
|
049c96 |
+.IR ACTION_SPEC " ]"
|
|
|
049c96 |
+.SH DESCRIPTION
|
|
|
049c96 |
+This filter serves as a hint to
|
|
|
049c96 |
+.B tc
|
|
|
049c96 |
+that the assigned class ID of the net_cls control group the process the packet
|
|
|
049c96 |
+originates from belongs to should be used for classification. Obviously, it is
|
|
|
049c96 |
+useful for locally generated packets only.
|
|
|
049c96 |
+.SH OPTIONS
|
|
|
049c96 |
+.TP
|
|
|
049c96 |
+.BI action " ACTION_SPEC"
|
|
|
049c96 |
+Apply an action from the generic actions framework on matching packets.
|
|
|
049c96 |
+.TP
|
|
|
049c96 |
+.BI match " EMATCH_TREE"
|
|
|
049c96 |
+Match packets using the extended match infrastructure. See
|
|
|
049c96 |
+.BR tc-ematch (8)
|
|
|
049c96 |
+for a detailed description of the allowed syntax in
|
|
|
049c96 |
+.IR EMATCH_TREE .
|
|
|
049c96 |
+.SH EXAMPLES
|
|
|
049c96 |
+In order to use this filter, a net_cls control group has to be created first and
|
|
|
049c96 |
+class as well as process ID(s) assigned to it. The following creates a net_cls
|
|
|
049c96 |
+cgroup named "foobar":
|
|
|
049c96 |
+
|
|
|
049c96 |
+.RS
|
|
|
049c96 |
+.EX
|
|
|
049c96 |
+modprobe cls_cgroup
|
|
|
049c96 |
+mkdir /sys/fs/cgroup/net_cls
|
|
|
049c96 |
+mount -t cgroup -onet_cls net_cls /sys/fs/cgroup/net_cls
|
|
|
049c96 |
+mkdir /sys/fs/cgroup/net_cls/foobar
|
|
|
049c96 |
+.EE
|
|
|
049c96 |
+.RE
|
|
|
049c96 |
+
|
|
|
049c96 |
+To assign a class ID to the created cgroup, a file named
|
|
|
049c96 |
+.I net_cls.classid
|
|
|
049c96 |
+has to be created which contains the class ID to be assigned as a hexadecimal,
|
|
|
049c96 |
+64bit wide number. The upper 32bits are reserved for the major handle, the
|
|
|
049c96 |
+remaining hold the minor. So a class ID of e.g.
|
|
|
049c96 |
+.B ff:be
|
|
|
049c96 |
+has to be written like so:
|
|
|
049c96 |
+.B 0xff00be
|
|
|
049c96 |
+(leading zeroes may be omitted). To continue the above example, the following
|
|
|
049c96 |
+assigns class ID 1:2 to foobar cgroup:
|
|
|
049c96 |
+
|
|
|
049c96 |
+.RS
|
|
|
049c96 |
+.EX
|
|
|
049c96 |
+echo 0x10002 > /sys/fs/cgroup/net_cls/foobar/net_cls.classid
|
|
|
049c96 |
+.EE
|
|
|
049c96 |
+.RE
|
|
|
049c96 |
+
|
|
|
049c96 |
+Finally some PIDs can be assigned to the given cgroup:
|
|
|
049c96 |
+
|
|
|
049c96 |
+.RS
|
|
|
049c96 |
+.EX
|
|
|
049c96 |
+echo 1234 > /sys/fs/cgroup/net_cls/foobar/tasks
|
|
|
049c96 |
+echo 5678 > /sys/fs/cgroup/net_cls/foobar/tasks
|
|
|
049c96 |
+.EE
|
|
|
049c96 |
+.RE
|
|
|
049c96 |
+
|
|
|
049c96 |
+Now by simply attaching a
|
|
|
049c96 |
+.B cgroup
|
|
|
049c96 |
+filter to a
|
|
|
049c96 |
+.B qdisc
|
|
|
049c96 |
+makes packets from PIDs 1234 and 5678 be pushed into class 1:2.
|
|
|
049c96 |
+
|
|
|
049c96 |
+.SH SEE ALSO
|
|
|
049c96 |
+.BR tc (8),
|
|
|
049c96 |
+.BR tc-ematch (8),
|
|
|
049c96 |
+.br
|
|
|
049c96 |
+the file
|
|
|
049c96 |
+.I Documentation/cgroups/net_cls.txt
|
|
|
049c96 |
+of the Linux kernel tree
|
|
|
049c96 |
--
|
|
|
049c96 |
1.8.3.1
|
|
|
049c96 |
|