LARTC - Nov 2002 - init scripts to use and save iproute and tc rules

Where can I find any init scripts to use and save iproute and tc rules?


Luis Miguel Cruz Miranda.
CCNA - Systems Administrator

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

On Monday 25 November 2002 17:08, Luis Miguel Cruz Miranda
wrote:
> Where can I find any init scripts to use and save iproute and tc rules?
There is no such script.

Stef


-- 

stef.coene@docum.org
 "Using Linux as bandwidth manager"
     http://www.docum.org/
     #lartc @ irc.oftc.net

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Hi folks,

I would like to use the IMQ device and what I have to apply (patches) for
the kernel 2.4.19 and iptables 1.2.7a?

Thank you

Rimas

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

I personally put before the touch''ing of lock files in
/etc.rc.d/init.d/network in the "start" section, and their deletion in
the same under the "stop" case also before the removal of the lock
file

On Mon, 2002-11-25 at 14:08, Luis Miguel Cruz Miranda
wrote:
> Where can I find any init scripts to use and save iproute and tc rules?
> 
> 
> Luis Miguel Cruz Miranda.
> CCNA - Systems Administrator
> 
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

On Tuesday 26 November 2002 11:02, Rimas wrote:
> Hi folks,
>
> I would like to use the IMQ device and what I have to apply (patches) for
> the kernel 2.4.19 and iptables 1.2.7a?
See the IMQ pages :
http://trash.net/~kaber/imq

Stef

-- 

stef.coene@docum.org
 "Using Linux as bandwidth manager"
     http://www.docum.org/
     #lartc @ irc.oftc.net

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

|Where can I find any init scripts to use and save iproute and tc rules?
]- here is one for tcng for mandrake, u can easly change it for tc (just edit
start() ) to suit your needs


#!/bin/sh
#
# tcng:       Starts the tcng Server
#
# Version:      @(#) /etc/rc.d/init.d/tcng 0.1
#
# chkconfig: 2345 90 10
# description: Starts and stops the tcng at boot time and shutdown.
#
# processname: tcng
#
# created : from Raptor
#

#path to the tc command
tc=/sbin/tc
#path to the tcc command
tcc=/arh/bin/com.pl
#where is the tcng config file
tcngConf=/path/tcng/blah.tcng

offMsg=OFF
onMsg=ON
debug=1

# Source function library.
. /etc/rc.d/init.d/functions

isUp () {
    res=`$tc qdisc show dev $1`
    if [ -z "$res" ]; then return 1; fi
    return 0
}

start () {
    gprintf "Starting tcng services: "; echo
    OLDIFS="$IFS"
    IFS="
"
    cmds=`$tcc $tcngConf | grep -v "^#" | sed -e "s/^tc//"`
    for cmd in $cmds; do
        [ $debug -eq 1 ] && gprintf "Execute : $cmd:"
&& echo;
        eval "$tc $cmd"
    done
    touch /var/lock/subsys/tcng
    IFS="$OLDIFS"
}


stop () {
    gprintf "Stopping some/all tcng services: "
    echo
    #if explictly specified shut only these devices
    [ "$1" ] && devs=$*;
#	echo $devs
    for d in $devs; do
        if isUp $d ; then 
    	    gprintf "Flushing : $d"; echo
    	    $tc qdisc del dev $d root
	else gprintf "No traffic control running on : $d"; echo
        fi
#    	    rm -f /var/lock/subsys/tcng-$d	    
    done	
    rm -f /var/lock/subsys/tcng;#this is not the correct behavior 	
}


status () {
     [ "$1" ] && devs=$*;	
#    echo $devs
    for d in $devs; do
        if isUp $d ; 
    	    then gprintf "traffic control on $d : [$onMsg]"; echo;
	    else gprintf "traffic control on $d: [$offMsg]"; echo;
	fi
    done		
}

show () {
    if [ -z "$1" ]; then what=all; else what=$1; fi
    shift
    if [ "$1" ]; then devs=$*; fi	
    for d in $devs; do
	if isUp $d; then
    	    [ "$what" = "all" ] || [ "$what" =
"qdisc" ] && gprintf "`$tc qdisc show dev $d`"; echo
    	    [ "$what" = "all" ] || [ "$what" =
"class" ] && gprintf "`$tc class show dev $d`"; echo
    	    [ "$what" = "all" ] || [ "$what" =
"filter" ] && gprintf "`$tc filter show dev $d`";
echo
	fi
    done
}


parse () {
    echo "$1" | perl -ne ''
	$_ =~ s/(\d+?:\d+?)/$1/gs;
	print $_
    '' 
}

stat () {
    [ -z "$1" ] || [ -z "$2" ] && gprintf
"qdisc|class or device has to be specified !!!" && echo
&& exit;
    parse "`$tc -s $1 show dev $2`"
}

devs=`ifconfig -a | grep ''^\w'' | grep -v lo | cut -f 1 -d
'' ''`
command=$1
shift;

case "$command" in
  start) start ;;
  stop)	stop $@ ;;
  status) status $@ ;;
  show) show $@ ;;	
  stat) stat $@ ;;
  restart)
	gprintf "Restarting tcng. "; echo
	stop $@
	start $@
	;;
  *)
	gprintf "*** Usage: 
	    tcng {start|stop|status|restart} [devices]
	    tcng show [all|qdisc|class|filter] [devices]
	    tcng stat [qdisc|class] [devices]
	"; echo
	exit 1
esac

exit 0

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Dear Guru

I do not know if here is the most apropriated place to send this.
If it is not please send me some good directions.

I am trying to configure a FTP server behind two consecutives packet
filters:

Internet <--->  Filter 1  <-->  Filter 2  <--> FTP SERVER

At Filter 1 I have:

INET_IFACE=eth1
$IPTABLES -t nat -A PREROUTING -i $INET_IFACE -p TCP -d $STATIC_IP  \
      --dport 21 -j DNAT --to-destination 192.168.20.2
$IPTABLES -t nat -A PREROUTING -i $INET_IFACE -p TCP -d $STATIC_IP  \
      --dport 20 -j DNAT --to-destination 192.168.20.2


When I launch ftp at the client I can see the following output thru inner
ethernet card (Filter 1 <--> Filter 2):

# tcpdump -e -p -n -i eth0 host 200.231.48.43
User level filter, protocol ALL, datagram packet socket
tcpdump: listening on eth0
11:50:39.261845 0:0:0:0:0:0 0:6:5b:28:62:b2 ip 74: 200.231.48.43.1291 >
192.168.20.2.ftp: S 1376590181:1376590181(0) win 5840 <mss
1460,nop,nop,timestamp 31629423 0,nop,wscale 0> (DF)

180 packets received by filter

# arp -an
? (200.231.48.97) at 00:60:1D:03:7F:41 [ether] on eth1
? (192.168.30.2) at 00:50:DA:27:5B:41 [ether] on eth0

# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref  Use  Iface
192.168.30.0    0.0.0.0         255.255.255.252 U     0      0      0  eth0
192.168.20.0    192.168.30.2    255.255.255.0   UG    0      0      0  eth0
0.0.0.0         200.231.48.97   0.0.0.0         UG    0      0      0  eth1

As one can also see, the destination IP address was correctly changed but
the destination ethernet address is 0:0:0:0:0:0 !!
I can''t see this packet going out from Filter 2 to FTP server.
Shoudn''t this frame have the destination ethernet address
00:50:DA:27:5B:41 which is the gateway for network 192.168.20.0??

What am I missing?

# uname -a
Linux gateway 2.4.10 #1 Wed Sep 26 17:52:16 BRT 2001 i686 unknown

Ethy H. Brito         /"\
InterNexo Ltda.       \ /  CAMPANHA DA FITA ASCII - CONTRA MAIL HTML
+55 (12) 3941-6860     X   ASCII RIBBON CAMPAIGN - AGAINST HTML MAIL
S.J.Campos - Brasil   / \

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/