LARTC - Jul 2005 - limiting upload speeds does not work

Hello, I want only a very simple thing, but I have been unable to get it working
so far. I would like to shape my DC++ traffic firmly to certain speeds. I am
using an embedded linux router (asus wl500g), and a NATed PC (address
192.168.1.100). eth1 is a WAN interface and br0 is the LAN interface of the
router.DC++ client is running on 4111 ports(tcp and udp) I actually managed to
shape download wth this script:
iptables -t mangle -A FORWARD -p tcp --dport 4111 -j MARK --set-mark 1
tc qdisc add dev br0 root handle 1:0 htb default 0
tc class add dev br0 parent 1:0 classid 1:1 htb rate 1024kbit
tc class add dev br0 parent 1:1 classid 1:11 htb rate 256kbit
tc filter add dev br0 parent 1:0 protocol ip handle 1 fw flowid 1:11
And I thought it would be similar with upload, but it is not, I tried this
script:
iptables -t mangle -A FORWARD -p tcp --sport 4111 -j MARK --set-mark 2
tc qdisc add dev eth1 root handle 2:0 htb default 0
tc class add dev eth1 parent 2:0 classid 2:1 htb rate 1024kbit
tc class add dev eth1 parent 2:1 classid 2:11 htb rate 256kbit
tc filter add dev eth1 parent 2:0 protocol ip handle 2 fw flowid 2:11
but it did not work. However, the problem seems to be in the way how I mark
packets since when I type this:
iptables -t mangle -A FORWARD -i br0 -j MARK --set-mark 2
or this:
iptables -t mangle -A FORWARD -s 192.168.1.100 -j MARK --set-mark 2
upload immidiately goes to 64kbits or something, but so does everything else too
- which is not exactly what I am trying to accomplish;-).
Since I am running out of ideas, have you got any? Or even an completely
different approach to the problem?
Thanks in advance,
Tomas

Tomáš Hnyk wrote:
> Hello, I want only a very simple thing, but I have been unable to get it
working so far. I would like to shape my DC++ traffic firmly to certain speeds.
I am using an embedded linux router (asus wl500g), and a NATed PC (address
192.168.1.100). eth1 is a WAN interface and br0 is the LAN interface of the
router.DC++ client is running on 4111 ports(tcp and udp) I actually managed to
shape download wth this script:
> iptables -t mangle -A FORWARD -p tcp --dport 4111 -j MARK --set-mark 1
> tc qdisc add dev br0 root handle 1:0 htb default 0
> tc class add dev br0 parent 1:0 classid 1:1 htb rate 1024kbit
> tc class add dev br0 parent 1:1 classid 1:11 htb rate 256kbit
> tc filter add dev br0 parent 1:0 protocol ip handle 1 fw flowid 1:11
> And I thought it would be similar with upload, but it is not, I tried this
script:
> iptables -t mangle -A FORWARD -p tcp --sport 4111 -j MARK --set-mark 2
> tc qdisc add dev eth1 root handle 2:0 htb default 0
> tc class add dev eth1 parent 2:0 classid 2:1 htb rate 1024kbit
> tc class add dev eth1 parent 2:1 classid 2:11 htb rate 256kbit
> tc filter add dev eth1 parent 2:0 protocol ip handle 2 fw flowid 2:11
> but it did not work. However, the problem seems to be in the way how I mark
packets since when I type this:
> iptables -t mangle -A FORWARD -i br0 -j MARK --set-mark 2
> or this:
> iptables -t mangle -A FORWARD -s 192.168.1.100 -j MARK --set-mark 2
> upload immidiately goes to 64kbits or something, but so does everything
else too - which is not exactly what I am trying to accomplish;-).
> Since I am running out of ideas, have you got any? Or even an completely
different approach to the problem?
> Thanks in advance,
> Tomas
Probably ports alone are not enough, I suppose DC will make outgoing 
connections so src port will be anything and dst port will be whatever 
the peer chose to run DC on.

There are projects called ipp2p and l7 filter that are made to match P2P 
- I don''t use them myself so can''t say if they work well with
DC.

Another way would be to mark the traffic from 192.168.1.100 that you 
know is not from DC and then mark any unmarked packets as DC.

Andy.