LARTC - Jul 2007 - newbie needs policing help

Hi listizens,

Complete tc newbie here.  I''m in a pinch because of a mail assault on a
server.  I''ve firewalled away many of the most egregious offenders but 
non-smtp services are still being DOS''ed because of all the mail
traffic.

Here is what I''ve tried.  (I did say newbie ;)

-----------------
#!/bin/sh
#
# policing parent
tc qdisc add dev eth0 handle ffff: ingress
#
# filter should slow tcp smtpd traffic to 64k max
tc filter add dev eth0 parent ffff: protocol ip prio 50 \
     u32 match ip dport 0x25 0xFFFF match ip protocol 0x06 0xff \
     police rate 55kbit burst 9k drop flowid :1
-----------------

...but I haven''t the slightest idea how to check up on it.  e.g. with 
iproute2 I could say "ip route list" to see what was in there, but how
can I check tc rules?  "tc qdisk show" gives some cryptic output but
"tc
filter show dev eth0" returns nothing.

(I''m not even sure if the above rules make any sense :(  )

Any helpers out there?

TIA,
Mike Wright :m)

Mike Wright wrote:
> Hi listizens,
> 
> Complete tc newbie here.  I''m in a pinch because of a mail assault
on a
> server.  I''ve firewalled away many of the most egregious offenders
but
> non-smtp services are still being DOS''ed because of all the mail
traffic.
Finally found the Cookbook and that set me on my way.

No wonder I couldn''t figure out what was going on.  I''d been
using the
man pages ;)