Hi. I''m planing to stop users from hosing my link with kazaa and other p2p clients that make high number of connections to the net. On my cable modem the speed drops exponently whit the number of established connections or connection attempts. I''ll use HTB over ESFQ (if i remembered names corectly), but i can''t find any info on ESFQ. I checked the kernel (2.4.20) QOS options and i can''t see ESFQ anywhere. From what i heared only with ESFQ i can limit the number of connections made from my SNAT to the net. So where can I get any info on ESFQ? Where can i get the patches? If any1 know, will the collide with grsecurity patches? For any other solutions/sudgetions, that would help me shape the number of connections, not just the amount of data that passes thru the line i would be gratefoul. Have a nice day. -Tester _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
On Tuesday 13 May 2003 18:49, Tester wrote:> Hi. > > I''m planing to stop users from hosing my link with kazaa and other p2p > clients that make high number of connections to the net. On my cable modem > the speed drops exponently whit the number of established connections or > connection attempts. > > I''ll use HTB over ESFQ (if i remembered names corectly), but i can''t find > any info on ESFQ. I checked the kernel (2.4.20) QOS options and i can''t see > ESFQ anywhere. From what i heared only with ESFQ i can limit the number of > connections made from my SNAT to the net. > > So where can I get any info on ESFQ? Where can i get the patches?http://www.ssi.bg/~alex/esfq/index.html> If any1 know, will the collide with grsecurity patches?Don''t know.> For any other solutions/sudgetions, that would help me shape the number of > connections, not just the amount of data that passes thru the line i would > be gratefoul.ESFQ is not what you need. You can not limit the number of connections with esfq. What you can do it create a class for each user. So each user has the same right to send something regarding how may connections he opened. Stef -- stef.coene@docum.org "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.oftc.net _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Stef, i have the same problem, do you recomend me using some hashing tables for the filters? i do not get the hang of it..do you have any extra docu(m)? ;) I want hashing filters, otherwise i think the load on the server is going to be massive. I am thinking in one class, and to sub-classes for each user, (interactive and non-interactive) Does it seems right? _________________________________________________________________ Charla con tus amigos en lĂnea mediante MSN Messenger: http://messenger.yupimsn.com/ _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
On Tuesday 13 May 2003 19:27, GoMi . wrote:> Stef, i have the same problem, do you recomend me using some hashing tables > for the filters? i do not get the hang of it..do you have any extra > docu(m)? ;):) no, I never tried hashing myself.> I want hashing filters, otherwise i think the load on the server is going > to be massive.Or you can use iptables marks (you still need a lot of iptables rules) and use the fw filter. The fw filter can use the iptables mark as hash key. So packets with mark 100 are classified in class x:100.> I am thinking in one class, and to sub-classes for each user, (interactive > and non-interactive) Does it seems right?Good enough I think. Stef -- stef.coene@docum.org "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.oftc.net _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/