1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
|
.TH "skbmod action in tc" 8 "21 Sep 2016" "iproute2" "Linux"
.SH NAME
skbmod - user-friendly packet editor action
.SH SYNOPSIS
.in +8
.ti -8
.BR tc " ... " "action skbmod " "{ " "set "
.IR SETTABLE " | "
.BI swap " SWAPPABLE"
.RB " | " ecn
.RI "} [ " CONTROL " ] [ "
.BI index " INDEX "
]
.ti -8
.IR SETTABLE " := "
.RB " [ " dmac
.IR DMAC " ] "
.RB " [ " smac
.IR SMAC " ] "
.RB " [ " etype
.IR ETYPE " ] "
.ti -8
.IR SWAPPABLE " := "
.B mac
.ti -8
.IR CONTROL " := {"
.BR reclassify " | " pipe " | " drop " | " shot " | " continue " | " pass " }"
.SH DESCRIPTION
The
.B skbmod
action is intended as a usability upgrade to the existing
.B pedit
action. Instead of having to manually edit 8-, 16-, or 32-bit chunks of an
ethernet header,
.B skbmod
allows complete substitution of supported elements.
Action must be one of
.BR set ", " swap " and " ecn "."
.BR set " and " swap
only affect Ethernet packets, while
.B ecn
only affects IP packets.
.SH OPTIONS
.TP
.BI dmac " DMAC"
Change the destination mac to the specified address.
.TP
.BI smac " SMAC"
Change the source mac to the specified address.
.TP
.BI etype " ETYPE"
Change the ethertype to the specified value.
.TP
.BI mac
Used to swap mac addresses.
.TP
.B ecn
Used to mark ECN Capable Transport (ECT) IP packets as Congestion Encountered (CE).
Does not affect Non ECN-Capable Transport (Non-ECT) packets.
.TP
.I CONTROL
The following keywords allow one to control how the tree of qdisc, classes,
filters and actions is further traversed after this action.
.RS
.TP
.B reclassify
Restart with the first filter in the current list.
.TP
.B pipe
Continue with the next action attached to the same filter.
.TP
.B drop
.TQ
.B shot
Drop the packet.
.TP
.B continue
Continue classification with the next filter in line.
.TP
.B pass
Finish classification process and return to calling qdisc for further packet
processing. This is the default.
.RE
.SH EXAMPLES
To start, observe the following filter with a pedit action:
.RS
.EX
tc filter add dev eth1 parent 1: protocol ip prio 10 \\
u32 match ip protocol 1 0xff flowid 1:2 \\
action pedit munge offset -14 u8 set 0x02 \\
munge offset -13 u8 set 0x15 \\
munge offset -12 u8 set 0x15 \\
munge offset -11 u8 set 0x15 \\
munge offset -10 u16 set 0x1515 \\
pipe
.EE
.RE
Using the skbmod action, this command can be simplified to:
.RS
.EX
tc filter add dev eth1 parent 1: protocol ip prio 10 \\
u32 match ip protocol 1 0xff flowid 1:2 \\
action skbmod set dmac 02:15:15:15:15:15 \\
pipe
.EE
.RE
Complexity will increase if source mac and ethertype are also being edited
as part of the action. If all three fields are to be changed with skbmod:
.RS
.EX
tc filter add dev eth5 parent 1: protocol ip prio 10 \\
u32 match ip protocol 1 0xff flowid 1:2 \\
action skbmod \\
set etype 0xBEEF \\
set dmac 02:12:13:14:15:16 \\
set smac 02:22:23:24:25:26
.EE
.RE
To swap the destination and source mac addresses in the Ethernet header:
.RS
.EX
tc filter add dev eth3 parent 1: protocol ip prio 10 \\
u32 match ip protocol 1 0xff flowid 1:2 \\
action skbmod \\
swap mac
.EE
.RE
Finally, to mark the CE codepoint in the IP header for ECN Capable Transport (ECT) packets:
.RS
.EX
tc filter add dev eth0 parent 1: protocol ip prio 10 \\
u32 match ip protocol 1 0xff flowid 1:2 \\
action skbmod \\
ecn
.EE
.RE
Only one of
.BR set ", " swap " and " ecn
shall be used in a single command.
Trying to use more than one of them in a single command is considered undefined behavior; pipe
multiple commands together instead.
.SH SEE ALSO
.BR tc (8),
.BR tc-u32 (8),
.BR tc-pedit (8)
|
