sounds like there's at least 1 person possibly working on some enhancements to the lib, which is great. feel free to direct any contribution discussion here.
Hello! Great and perfectly satirical library there that actually serves a function! So I'm working on trying to add support to target the performance of specific endpoints (slow lanes essentially). I've got a basic working prototype, but I really would like to make it that much easier, as well as better support domains. There's two ways I can go about this...
Currently, I have tested successfully using tc to make a u32 match to an ip (or CIDR mask). Seems to work okay! doesn't affect other traffic but that involving the specified IP. Though, the other way, that I have yet to get working for some unknown reason I didn't have time to troubleshoot with some linux networking boffins, is specifying the netem rule as I did before (minus the tc filter with a u32 match), and instead using iptables prerouting and fwmark, with a tc filter to apply the netem rule by class id to packets that match the prerouting marker.
For multiple disparate targets (not specifically covered by a single CIDR mask) If I can't get the iptables method of specifying the targets (makes it much easier, and also allows specification of domain names), then I'll just need to do multiple lines of u32 matches. Which should be fine,, and no persistence will be required, as I can simply just list out the rules and act per-entry from that.
For domain names with the u32 filter, I'll just have to run a query first to resolve the name.
lold at the library name
that's all I have to say.
Never heard of gitter, wanted to try it out
Alright, some troubleshooting lead to not using tc-filter for the packets, and instead using iptables with -j CLASSIFY (yay!) and I got it working. So rejiggering some things and then hammering on multiple target addresses.
So i'm also adding destination ports as well.
single ports, multiple ports, port ranges, and combination therein.
so far, only working on linux, once the TC/Iptables wrapper is done, i will need to start over for ipfw :D
which honestly should be easier to support, I bet.
Yeah, unfortunately I don't even have a machine that supports ipfw anymore...
Jeff R. Allen
It's all fun and games until someone gets a cease and desist. 😊
I did learn some useful information, @tylertreat, OSX 10.10 is using pf from openbsd 4.6 (or so I've been told)
OKAY... phew... I got the flag parser for the new functions with pretty fool-proof sanity checking, that was fun. Now I just need to do teardown of the iptables rules and it's done (for TC)