search for: connbytes

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=450 Summary: connbytes not working Product: iptables Version: 1.3.5 Platform: i386 OS/Version: All Status: NEW Severity: normal Priority: P2 Component: iptables AssignedTo: laforge@netfilter.org ReportedBy: vselico@vselico.sk...

...rent 1:0 classid 1:1 htb rate 100mbit/sbin/tc class add dev eth0 parent 1:1 classid 1:11 htb rate 512kbit ceil 512kbit/sbin/tc class add dev eth0 parent 1:1 classid 1:12 htb rate 30mbit ceil 30mbit /sbin/iptables --table mangle --append POSTROUTING --out-interface eth0 --protocol tcp --sport 80 -m connbytes --connbytes 1024000: --connbytes-dir reply --connbytes-mode bytes --jump CLASSIFY --set-class 1:11/sbin/iptables --table mangle --append POSTROUTING --out-interface eth0 --protocol tcp --sport 80 --jump CLASSIFY --set-class 1:12 I have tried, without success, to mark the matching packets with ipt...

Hello! Maybe someone needs connmark and connbytes working together? See attached file compatible with pom-ng-20040621 (I called it connmarkbytes :)). Kind Regards, Tomasz Chilinski

Hello, Is it possible to mark packets from particular IP and if it downloads over 100Kbytes, then it enters in CBQ shaper 32kbit/s for example ? My kernel is 2.4.22. If someone experimented with connection bytes patch please answer me. Regards, Todor Neshev _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc

Hi, as I promised in LARTC list I created patch for new connbytes match. It matches packets which bellongs to connection which transfered given range of bytes. For those interested it is at http://luxik.cdi.cz/~devik/connbytes/ It was originaly meant to be used with HTB or other qdisc to reclassify long download streams to lower prio class. devik

Dear All, I want to limit traffic that use by my client to download files directly from browser, I have already limit the traffic for the same purpose to ftp connection. But I don''t want to limit traffic that using for browsing the web. Can I do this with IMQ/HTB or any other method to make this happen. Thank You. Sorry my English is bad. RInto Exandi

Hi, I''ve been wondering if anyone has thought of a way to differentiate between an established http download and interactive http traffic? I would like to give interactive http traffic priority over someone downloading large files. Has anyone any ideas how to detect packets that are part of a download like this? Thanks. _______________________________________________

Hey list I have almost gotten my shaping setup up and running as planned. The last barrier seems to be tcp overshooting availible bandwidth when its starting a transfer, and thereby bursting the line, so ping rises for a moment. At least this is my best guess at the problem :) There is a possibility that its just plain old traffic being bursty for some reason.. I am using bittorrent to test this,

Hello, I setup iproute2 and iptables on my box, is a P4 2000 Ghz / 1GB memory. I have setup squid and iptables to be a transparent proxy, with cache. I''ve read on lartc.org almost everything and i want to ask if there is a u32 match for the connection time or something like that, or an u32 match for the packet number in a connection. All i want to do is shape the web traffic for long

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=533 Summary: PANIC: divide by zero in xt_connbytes Product: netfilter/iptables Version: linux-2.6.x Platform: All OS/Version: All Status: NEW Severity: major Priority: P2 Component: ip_tables (kernel) AssignedTo: laforge@netfilter.org ReportedBy: xkr47@...

Hi, I have a typical configuration for my firewall/gateway box: single network card, with a pppoe connection to the DSL modem. I''m already successfully shaping the uplink (how come that the wondershaper.htb doesn''t use the ceil parameter? It should implement bandwidth borrowing!) but i found the ingress policy a little bit rough. I''d like to keep the traffic categories

...K RATE: CEIL PRIORITY OPTIONS # DMAX:UMAX eth1 1 100kbps 180kbps 1 tos=0x88/0xfc,tos=0xb8/0xfc eth1 2 full/4 full 2 default -- tcrules --- #MARK SOURCE DEST PROTO DEST SOURCE USER TEST LENGTH TOS CONNBYTES 1 $FW:w.x.y.z a.b.c.d udp 1194 - - - - 0x18/0xa0 My voip traffic goes into an openvpn vpn tunnel. When I log the Openvpn traffic using a log entry in the rules file I notice that the voip traffic in the tunnel (that I have seen so far) have the fol...

...==================== Here is an extract of our tcrules file: ======================== ###################################################################################################################### #MARK SOURCE DEST PROTO DEST SOURCE USER TEST LENGTH TOS CONNBYTES HELPER # PORT(S) PORT(S) # ISP1 DNS => ISP1 256 0.0.0.0/0 37.X.X.X 256 $FW 37.X.X.X # ISP2 DNS => ISP2 512 0.0.0.0/0 127.X.X.X 512 $FW 127.X.X.X # Google DNS => ISP1 256 0.0.0.0...

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=533 ------- Additional Comments From xkr47@outerspace.dyndns.org 2007-01-18 12:39 MET ------- Created an attachment (id=283) --> (https://bugzilla.netfilter.org/bugzilla/attachment.cgi?id=283&action=view) Suggested fix by me ------- Additional Comments From xkr47@outerspace.dyndns.org 2007-01-18 12:40 MET ------- Created an

I''d like to initially assign all http flows to a interactive priority queue. But if the cumulative amount of traffic exceeds a threshold, I''d like to reassign it to a low priority bulk queue. Say someone is doing an http download of a huge .iso. Is this possible? -- Drew Einhorn

To give fast web browsing on my network, I prioritise http traffic by marking it all into a high priority band (''30''). This generally works quite well, as unidentified traffic such as p2p falls by default into a lower priority band (''40''). However, I would like to de-prioritise anyone doing large downloads over http, which currently get high priority. Is there

Hi sombody know what is happen with Jim diGriz''s QoS Script Web Page ? www.digriz.org.uk/jdg-qos-script Regards _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Hi, It has been quite a while since I looked at what was happening in Linux traffic shaping, so I am not sure if this has been discussed / improved on since I last looked. We use a traffic shaper based on HTB. The basic principals work fine, but we have a problem with ''intermittent trafic'' like http and interactive ssh sessions. Each of these categories of traffic have

Hi, I am currently using a script to shape my outbound ftp traffic. Works great except for 1 thing. When a user goes to list a dir, the listing is also getting shaped. This causes dir listings to be very slow. Is there a way to differentiate the dir listing packets? Here is a my current script: #!/bin/bash #shaping passive and active outbound ftp traffic on an internal computer without

...g.html for a detailed description of # the Netfilter/Shorewall packet marking mechanism. ############################################################################ ########################################## #MARK SOURCE DEST PROTO DEST SOURCE USER TEST LENGTH TOS CONNBYTES HELPER # PORT(S) PORT(S) 1:P eth0 - tcp 22120 2:P eth0 - tcp 22122 ------------------------------------------------------------------------------ Live Security Virtual Conferenc...