Hi I am very unclear about the wonder shaper and a bit of a novice with Unix all together I have a question for you and I hope you can answer Basically my office is getting a couple of people slowing down the network so ive been looking around and found wondershaper What I want to know is that can I rather than having low priority ports have it with high priority ports And the same with high priority hosts... Can I have it so that say for example 192.168.1.2 192.168.1.3 are high priority and port 20 22 80 443 110 25 etc are high priority? Also how do I clear the rules I have made with the script?? If I want it to return to the default for example?? Thanks Chris
On Thursday 01 April 2004 21:03, Chris Winfield-Blum wrote:> Hi I am very unclear about the wonder shaper and a bit of a novice > with Unix all together > > I have a question for you and I hope you can answer > > Basically my office is getting a couple of people slowing down theI would seriously suggest you attempt the social engineering route first if at all possible.> network so ive been looking around and found wondershaper > What I want to know is that can I rather than having low priority > ports have it with high priority ports > > And the same with high priority hosts...Wondershaper seems to essentially allow you to put traffic you don''t like in the dog house. It doesn''t seem to offer a facility to let you pick which ports or hosts constitute high priority traffic.> > > Can I have it so that say for example 192.168.1.2 192.168.1.3 are high > priority and port 20 22 80 443 110 25 etc are high priority?Not as it is written.> Also how do I clear the rules I have made with the script??Try calling it with the keyword ''stop'': bash wshaper.sh stop Which will perform: # clean existing down- and uplink qdiscs, hide errors tc qdisc del dev $DEV root 2> /dev/null > /dev/null tc qdisc del dev $DEV ingress 2> /dev/null > /dev/null> If I want it to return to the default for example?? > > Thanks > > Chris-- Jason Boxman Perl Programmer / *NIX Systems Administrator Shimberg Center for Affordable Housing | University of Florida http://edseek.com/ - Linux and FOSS stuff _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Maybe there is another solution to this problem? The problem is that I have had a couple of users on the network hogging the bandwidth and while we do have a policy implemented sometimes the downloads are genuinely work related (eg downloaded a new version of an application we use for development) Sooo what I NEED is A script that will ensure that ports 80, 25, 110, 443, etc are priority Then that these are then are then "shaped" to not allow one person to hog it all. In an IDEAL situation I would like to break it up into classes Server Class: that has access to ALL ports and are priority for any traffic (maybe I can set them a guaranteed 100Kb/s) User Class: that has priority access (that doesn''t override the server class) to ports 80, 25, 110 etc. Perhaps the remaining 156Kb/s is divided evenly? Any suggestions? Im really NEW to this and would love some example scripts (preferably commently highly :P hehe) This was the address of the other script that I found: http://www.surestorm.com/qos/ I am not "set" on using wondershaper.. Thanks for all your help Chris _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Chris Winfield-Blum wrote:> Maybe there is another solution to this problem? > > The problem is that I have had a couple of users on the network hogging > the bandwidth and while we do have a policy implemented sometimes the > downloads are genuinely work related (eg downloaded a new version of an > application we use for development) > > Sooo what I NEED is > > A script that will ensure that ports 80, 25, 110, 443, etc are priority > Then that these are then are then "shaped" to not allow one person to > hog it all. > > In an IDEAL situation I would like to break it up into classes > > Server Class: that has access to ALL ports and are priority for any > traffic (maybe I can set them a guaranteed 100Kb/s) > > User Class: that has priority access (that doesn''t override the server > class) to ports 80, 25, 110 etc. Perhaps the remaining 156Kb/s is > divided evenly? > > Any suggestions? Im really NEW to this and would love some example > scripts (preferably commently highly :P hehe) > > This was the address of the other script that I found: > http://www.surestorm.com/qos/ > > I am not "set" on using wondershaper.. > > Thanks for all your help > > Chris >Wondershaper and other such scripts are good examples, but if you want very fine-grained control of your traffic shaping, you''ll probably want to write your own script (or at least tweak one). Don''t be intimidated by the apparent complexity of the examples you see -- although the commands for shaping traffic are probably unlike anything you''ve seen before, they''re not hard to understand after reading the available documentation. Of course, www.lartc.org is a good place to start. Look through chapter 9, but don''t worry if you don''t understand everything the first time. The qdisc you want to use is htb (as you can see, that''s the heart of wondershaper), and there''s a good in-depth description at: http://luxik.cdi.cz/~devik/qos/htb/ (follow the link for "user guide"). -Corey _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
> Chris Winfield-Blum wrote: > > Hi I am very unclear about the wonder shaper and a bit of a novice > with Unix all together > > I have a question for you and I hope you can answer > > Basically my office is getting a couple of people slowing down the > network so ive been looking around and found wondershaper > > What I want to know is that can I rather than having low priority > ports have it with high priority portsSure.> And the same with high priority hosts...Of course.> Can I have it so that say for example 192.168.1.2 192.168.1.3 are high > priority and port 20 22 80 443 110 25 etc are high priority?Yes, but be careful with NAT; finding 192.168.1.# can be tough. Also remember YOU DO NOT SHAPE DOWNLOADS! HTB can only "police" D/L, not "shape". You must use iptables or IMQ to "shape" D/L; I use iptables -m limit --limit ##/second -j ACCEPT iptables -j DROP and make sure that these 2 lines preceed any RELATED, ESTABLISHED accepts. Note that the real iptables rules include either --dport ## or --sport ##, depending on what the rule accomplishes. Note further that downloads are on INPUT so I specify -A INPUT to throttle D/L.> Also how do I clear the rules I have made with the script?? > If I want it to return to the default for example??Read the effing script, man!> > Thanks > > ChrisPlease don''t post using HTML. Here is a modified "wonder" script I call "ultimate"... http://andthatsjazz.net:8/ultimate.txt HTH gypsy _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
gypsy wrote: AFTERTHOUGHT: I should have been more precise:> Yes, but be careful with NAT; finding 192.168.1.# can be tough. Also > remember YOU DO NOT SHAPE DOWNLOADS! HTB can only "police" D/L, not > "shape". You must use iptables or IMQ to "shape" D/L; I use iptables -m > limit --limit ##/second -j ACCEPT > iptables -j DROP > and make sure that these 2 lines preceed any RELATED, ESTABLISHED > accepts. Note that the real iptables rules include either --dport ## or > --sport ##, depending on what the rule accomplishes. Note further that > downloads are on INPUT so I specify -A INPUT to throttle D/L.iptables is "rate limiting" not "shaping". NATted users are rate limited on the FORWARD chain, not INPUT. gypsy _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
gypsy wrote:> Also > remember YOU DO NOT SHAPE DOWNLOADS! HTB can only "police" D/L, not > "shape". You must use iptables or IMQ to "shape" D/L; I use iptables -m > limit --limit ##/second -j ACCEPT > iptables -j DROP > and make sure that these 2 lines preceed any RELATED, ESTABLISHED > accepts. Note that the real iptables rules include either --dport ## or > --sport ##, depending on what the rule accomplishes. Note further that > downloads are on INPUT so I specify -A INPUT to throttle D/L. >If you use htb or other shaping qdiscs on a router, you can set it up so that it sees packets that are leaving both interfaces and can therefore shape traffic in both directions. Sure, you can''t shape traffic destined for the router itself, but that''s rarely an issue. -Corey _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/