Hi, I just installed wondershapper 1.1a on my ipcop firewall box. I have roadrunner cable with a ftp server setup. My download speed is 2mbit (I get 225 KBytes) and my upload is 384kbit (I send at 43 KBytes). What should the settings in wshaper? I can ping yahoo.com at 90msec with little traffic.....and at around 220msec with full upload traffic. Mark _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hi, I have wondershaper running on my firewall/router. It has 2 ethernet cards (eth0 and eth1). Eth1 connects to a cablemodem (2mbit down, 384kbit up) and eth0 connects to a switch. I run a ftp server on a machine connected to the swicth. I want to be able to keep my ftp server from affecting my browsing speed. Problem: I don''t see any difference with wondershaper running. I have tried all different speeds and both eth0 and eth1 in wondershaper. Am I doing something wrong? I am testing by pinging yahoo.com. Mark _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hi Mark,> I have wondershaper running on my firewall/router. It has 2 ethernet cards > (eth0 and eth1). Eth1 connects to a cablemodem (2mbit down, 384kbit up) and > eth0 connects to a switch. I run a ftp server on a machine connected to the > swicth. > I want to be able to keep my ftp server from affecting my browsing speed. > > Problem: > I don''t see any difference with wondershaper running. I have tried all > different speeds and both eth0 and eth1 in wondershaper.You will want to run the wondershaper on eth1. If you run it on eth0 it will be backwards. You should be able to drop the speeds down to something like DOWNLINK=1800 UPLINK=300 and see some difference. Are you using the htb wondershaper or the old cbq one?> Am I doing something wrong? I am testing by pinging yahoo.com.That''s probabaly not the best test, you should probably check with real HTTP requests. Are you trying to throttle people uploading TO your ftp server (same as you downloads) or downloading FROM your ftp server ? (you uploading) Regards, -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Damion de Soto - Software Engineer email: damion@snapgear.com SnapGear - A CyberGuard Company --- ph: +61 7 3435 2809 | Custom Embedded Solutions fax: +61 7 3891 3630 | and Security Appliances web: http://www.snapgear.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --- Free Embedded Linux Distro at http://www.snapgear.org --- _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
I am using wondershaper with htb to shape my network. I want to limit only outbound ftp traffic (me uploading) from 192.168.1.101. I am using port 21 for ftp with passive ports 50,000-60,000. What else do I need to put in the config to do this? Here is my config. DOWNLINK=3000 UPLINK=340 DEV=eth1 # low priority OUTGOING traffic - you can leave this blank if you want # low priority source netmasks NOPRIOHOSTSRC=192.168.1.101 # low priority destination netmasks NOPRIOHOSTDST # low priority source ports NOPRIOPORTSRC # low priority destination ports NOPRIOPORTDST Thanks, Mark _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Mark,> I am using wondershaper with htb to shape my network. I want to limit only > outbound ftp traffic (me uploading) from 192.168.1.101. > > I am using port 21 for ftp with passive ports 50,000-60,000.That''s a large range of ports to shape, and other programs might be using them - that''s a problem with passive ftp you can''t easily avoid.> What else do I need to put in the config to do this? Here is my config.You can''t match IP and port with the normal wondershaper script. You also can''t match NATed source IP addresses on your egress qdisc, which means any rule you setup for ports 21, 50000-60000 will apply to all machines on your LAN. What you should probabaly do, is use iptables to mark all outbound traffic from src 192.168.1.101 on port 21, 50000-60000 with TOS 0x08 (Maximum Throughput) and then add another u32 filter into wondershaper tc filter add dev $DEV parent 1:0 protocol ip prio 11 u32 match ip tos 0x08 0xff flowid 1:30 regards -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Damion de Soto - Software Engineer email: damion@snapgear.com SnapGear - A CyberGuard Company --- ph: +61 7 3435 2809 | Custom Embedded Solutions fax: +61 7 3891 3630 | and Security Appliances web: http://www.snapgear.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --- Free Embedded Linux Distro at http://www.snapgear.org --- _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/