Hi list,
I''m trying to do qos based on HTB, in my linux box wich is my firewall
and transparent proxy, and I don''t have the possibility to put other
machine to make proxy.
Well, If I up my htb scripts, the proxy will be limited to serve my LAN
as a external site and limited to the limit of 768kbits, even making two
classes, tryn to limit it traffic to the maximun bandwidth of my network
NIC.
I try to make a script to manage this, but it simply don''t work.
Take a look:
#eth0 is my internal LAN card.
tc qdisc del dev eth0 root
tc qdisc add dev eth0 root handle 1:0 htb default 40
tc class add dev eth0 parent 1: classid 1:1 htb rate 100mbit burst 15k
tc class add dev eth0 parent 1: classid 1:2 htb rate 768kbit burst 15k
tc class add dev eth0 parent 1:1 classid 1:10 htb rate 100mbit ceil
100mbit burst 15k
tc class add dev eth0 parent 1:2 classid 1:20 htb rate 384kbit ceil
768kbit burst 15k
tc class add dev eth0 parent 1:2 classid 1:30 htb rate 256kbit ceil
768kbit burst 15k
tc class add dev eth0 parent 1:2 classid 1:40 htb rate 128kbit ceil
768kbit burst 15k
#The author then recommends SFQ for beneath these classes:
tc qdisc add dev eth0 parent 1:10 handle 10: sfq perturb 10
tc qdisc add dev eth0 parent 1:20 handle 20: sfq perturb 10
tc qdisc add dev eth0 parent 1:30 handle 30: sfq perturb 10
tc qdisc add dev eth0 parent 1:40 handle 40: sfq perturb 10
#Add the filters which direct traffic to the right classes:
tc filter add dev eth0 protocol ip parent 1:1 prio 0 handle 6 fw flowid 1:10
U32="tc filter add dev eth0 protocol ip parent 1:2 prio 1 u32"
$U32 match ip dport 80 0xffff flowid 1:20
$U32 match ip sport 25 0xffff flowid 1:30
The traffic to squid has a firewall mark 0x6 on it, but I limited to
768kbits on downloads to port 3128...
Any Ideas ? Is it possible to do?
Thanks in advance,
--
William Henrique Siqueira Marques
wmarques@vmlinuz.com.br
