Hi all && happy new Year ;)
I''m try to made a script for shaping my outgoing traffic, but it
doesn''t
work fine.
The script work good if all packets go thru the default class, but, if I
try to send packets by other class, the packes doesn''t go by this class
go also by the default class.
This script is installed in a router linux with ip masquerading for the
clients.
¿how I can classify the packets in this classes?
thx 4 all ;) and sorry for my (bad) english :P
##### My script ######
#!/bin/bash
#QoS ;)
DEV=eth1
RATEUP=100 #En KiloBytes
# borro las bandas
tc qdisc del dev $DEV root 2> /dev/null > /dev/null
tc qdisc del dev $DEV ingress 2> /dev/null > /dev/null
tc qdisc del dev $DEV root 2> /dev/null > /dev/null
iptables -F #también las relgas iptables
#creacion del arbol de bandas
tc qdisc add dev $DEV root handle 2: htb default 60
tc class add dev $DEV parent 2: classid 2:1 htb rate 120kbps ceil
${RATEUP}kbps
tc class add dev $DEV parent 2:5 classid 2:50 htb rate
$[70*$RATEUP/100]kbps ceil ${RATEUP}kbps
tc class add dev $DEV parent 2:6 classid 2:60 htb rate
$[20*$RATEUP/100]kbps ceil ${RATEUP}kbps prio 1
tc class add dev $DEV parent 2:7 classid 2:70 htb rate
$[10*$RATEUP/100]kbps ceil ${RATEUP}kbps prio 2
#asociacion de colas sfq con bandas
tc qdisc add dev $DEV parent 2:50 handle 50: sfq
tc qdisc add dev $DEV parent 2:60 handle 60: sfq
tc qdisc add dev $DEV parent 2:70 handle 70: sfq
#se asocian marcas con bandas
tc filter add dev $DEV protocol ip parent 2: handle 5 fw classid 2:50
tc filter add dev $DEV protocol ip parent 2: handle 6 fw classid 2:60
tc filter add dev $DEV protocol ip parent 2: handle 7 fw classid 2:70
#reglas de filtrado
#tc filter add dev $DEV parent 2: protocol ip prio 0 u32 match ip dport
21 0xffff flowid 2:50 #envia algo
#tc filter add dev $DEV parent 2: protocol ip prio 0 u32 match ip dport
20 0xffff flowid 2:50 #envia algo
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
On Sunday 04 January 2004 12:30, saptah wrote:> Hi all && happy new Year ;) > > I''m try to made a script for shaping my outgoing traffic, but it doesn''t > work fine. > The script work good if all packets go thru the default class, but, if I > try to send packets by other class, the packes doesn''t go by this class > go also by the default class. > > This script is installed in a router linux with ip masquerading for the > clients. > > ¿how I can classify the packets in this classes? > > thx 4 all ;) and sorry for my (bad) english :PNo problem. Are you trying to match ftp traffic? Is so, you can have a problem because ftp can use dynamic ports. So it''s not easy to filter out ftp traffic. You also use a combination of fw and u32 filter. But for that fw filter, I don''t see the needed iptables rules. Stef -- stef.coene@docum.org "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.openprojects.net _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hi all, The ftp uses dynamic ports in source not in destiny so it is possible mark ftp traffic and shape. []´s Anderson> On Sunday 04 January 2004 12:30, saptah wrote: > > Hi all && happy new Year ;) > > > > I''m try to made a script for shaping my outgoing traffic, but it doesn''t> > work fine. > > The script work good if all packets go thru the default class, but, if I> > try to send packets by other class, the packes doesn''t go by this class> > go also by the default class. > > > > This script is installed in a router linux with ip masquerading for the> > clients. > > > > ¿how I can classify the packets in this classes? > > > > thx 4 all ;) and sorry for my (bad) english :P > No problem. > Are you trying to match ftp traffic? Is so, you can have a problem because> ftp can use dynamic ports. So it''s not easy to filterout ftp traffic.> You also use a combination of fw and u32 filter. But for that fw filter, I> don''t see the needed iptables rules. > > Stef > > -- > stef.coene@docum.org > "Using Linux as bandwidth manager" > http://www.docum.org/ > #lartc @ irc.openprojects.net > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/>__________________________________________________________________________ Acabe com aquelas janelinhas que pulam na sua tela. AntiPop-up UOL - É grátis! http://antipopup.uol.com.br/ _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Le mar 06/01/2004 à 16:53, andybr a écrit :> Hi all, > > The ftp uses dynamic ports in source not in destiny so > it is possible mark ftp traffic and shape.Use CONNMARK to mark packet it put the same MARK on all the packet of the connection. So mark follow any non-linear protocol recognized by Netfilter. For more information on usage see : http://home.regit.org/connmark.html BR, -- Eric Leblond NuFW, Now User Filtering Works (http://www.nufw.org)