search for: tc_enable

Displaying 20 results from an estimated 46 matches for "tc_enable".

2004 Aug 16
1
CLEAR_TC=Yes & TC_ENABLED=No
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I found a problem with my tcstart script. First I was running system TC enabled for testing and then to stop all TC I changed TC_ENABLED=No. But I started to wonder why shorewall restart did _not_ clear TC rules after TC was disabled? So I checked firewall and found out that if TC_ENABLED=No TC_CLEAR is disabled automatically. Question is: should TC_ENABLED=No disable CLEAR_TC? Now it''s doing so. Shorewall is version 2...
2006 Mar 03
3
tcdevices Error
Version 3.0.5 with the two-devices setup (eth0 - net, eth1 - loc). Kernel 2.4.29 tcdevices, tcrules, and tcclasses are clones of the wondershaper example (http://www.shorewall.net/traffic_shaping.htm) with eth0 replacing ppp. With TC_ENABLED=Internal in shorewall.conf: ---- Validating /etc/shorewall/tcdevices... Validating /etc/shorewall/tcclasses... ERROR: device A seems not to be configured in tcdevices ---- No errors with TC_ENABLED=No although the line "Setting up Traffic Control Rules..." is printed. Shouldn'...
2003 Jul 21
4
shorewall 1.4.6 question
why say: Shorewall has detected the following iptables/netfilter capabilities: NAT: Available Packet Mangling: Available Multi-port Match: Available Connection Tracking Match: Not available not available ? modules is loaded. or for rule = 0 ? TC_ENABLE=Yes say Error: Traffic Control requires Mangle
2011 Apr 23
6
TC: Simple and complex configs interplay
Hello, From a user perspective, the simple (tcpri) and complex TC configs offers two rather distinct choices. A user can very well be OK with only using the simple way and that''s very fine. Then again, even in doing so, the more complex config options are available. What is the interplay between the two as far as having some parameters configured in both at the same time ? So far
2012 Sep 20
1
Debian Lenny very simple traffic shaping not working
Hi, I am trying to do the simplest configuration of traffic shaping. So I did: shorewall.conf TC_ENABLED=Simple tcinterfaces eth0.2 External 500kbit tcdevices eth0.2 500kbit 200kbit And I am testing the speed on that interface - whether I did it ok or not, and my speed is still 4mbit/512kbit. So the question is - How to reduce the speed on interface connected to t...
2012 Jul 04
0
Shorewall 4.5.6 RC 1
...ndling wildcard interfaces with the ''wait=n'' option was incorrect. For each matching interface, the script would check its readiness n times in rapid succession. The script now sleeps 1 second between checks. 2) Previously, the tcrules file was not processed when TC_ENABLED=No. That meant that to use features like TPROXY without also using traffic shaping, it was necessary to set TC_ENABLED=Yes and create a dummy /etc/shorewall/tcstart file. Now, only MANGLE_ENABLED=Yes is required. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfathe...
2012 Jul 04
0
Shorewall 4.5.6 RC 1
...ndling wildcard interfaces with the ''wait=n'' option was incorrect. For each matching interface, the script would check its readiness n times in rapid succession. The script now sleeps 1 second between checks. 2) Previously, the tcrules file was not processed when TC_ENABLED=No. That meant that to use features like TPROXY without also using traffic shaping, it was necessary to set TC_ENABLED=Yes and create a dummy /etc/shorewall/tcstart file. Now, only MANGLE_ENABLED=Yes is required. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfathe...
2013 Jun 28
3
Bandwidth limited when shorewall is enabled
Hi, I''ve been having a really strange thing happen. I can''t remember when it happened, or if it coincided with a shorewall update, but if I have shorewall "running", my 100mbps connection is limited to about 1-6mbps per connection. This is with TC/Shaping/QoS disabled or enabled. I have no idea if its shorewall doing something funky or ipables or what, but if I
2003 Aug 29
1
transparent proxy with shorewall
Hi, I followed the instructions posted on the shorewall web page for transparent proxy, but I still cannot get it to work. I have almost the same setup as described on the web, running squid on dmz, eth1, and the loc on eth2. I can see that packets going out from the fw, they are not sent to the squid proxy, and if I try to telnet to the squid proxy to port 80, where I should be directed to
2004 Nov 24
14
traffic shaping on ftp server don''t work
Having study a number of documents on linux traffic shaper, I started to setup my shaping rules in my network. My linux box is running RH AS3 U3, shorewall 2.0.9. It is using PPPoE connected to the Internet firewall: eth0: connect to the adsl modem eth1: private net ppp0: virtual dial up interface for pppoe There is a ftp server on the private net It is listen for port 21 and configured
2012 Nov 20
3
Simple Traffic Shaping Problem
Hello, I have a problem with simple traffic shapping in shorewall, my current configuration is: zones vlan10 ipv4 # interfaces vlan10 vlan10 detect tcpflags,routeback shorewall.conf TC_ENABLED=Simple tcinterfaces vlan10 Internal 1mbit:50kb shorewall show tc Device vlan10: qdisc prio 5: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1 Sent 25341476 bytes 45125 pkt (dropped 0, overlimits 0 requeues 0) backlog 0b 0p requeues 0 qdisc sfq 51: parent 5:1 limit 12...
2003 Jan 14
3
Shorewall-1.3.13
...; then Shorewall won''t clear the current traffic control rules during [re]start. This setting is intended for use by people that prefer to configure traffic shaping when the network interfaces come up rather than when the firewall is started. If that is what you want to do, set TC_ENABLED=Yes and CLEAR_TC=No and do not supply an /etc/shorewall/tcstart file. That way, your traffic shaping rules can still use the ''fwmark'' classifier based on packet marking defined in /etc/shorewall/tcrules. 4. A new SHARED_DIR variable has been added that allows distributi...
2012 Jan 19
3
Problema link balance and internet bank
...eth4 189.36.0.2 track,balance=10 #tcrules 2:T 172.16.11.33 0.0.0.0/0 tcp 80,443 2:P 172.16.11.33 0.0.0.0/0 tcp 80,443 2 $FW 0.0.0.0/0 tcp 80,443 #shorewall.conf RESTORE_DEFAULT_ROUTE=No ROUTE_FILTER=No SAVE_IPSETS=No TC_ENABLED=Internal TC_EXPERT=No TC_PRIOMAP="2 3 3 3 2 3 1 1 2 2 2 2 2 2 2 2" TRACK_PROVIDERS=Yes USE_DEFAULT_RT=No WIDE_TC_MARKS=Yes Thanks in advance -- *Fabiano Stocco** **Sysadmin* Agro Industrial Parati Ltda - Averama 44-3672-8000 44-8444-6635** ---------------------------------------...
2013 Dec 03
5
Multiple ISP + traffic shapping = poor download speed
...============ Yesterday we added VoIP. To do so, we force traffic from our Asterisk server to go throw ISP1 with a dedicated public IP and force the traffic from this dedicated public IP to go to Asterisk server (with IP filtering for security). This works too. Now, my problem is to put QoS (using TC_ENABLED=Internal). I try many configuration but always have the same problem: once the isp1 interface is listed in tcdevices, we have poor download speed. Even with/without other TC configuration. Here is our tcdevices file: ======================== #NUMBER: IN-BANDWITH OUT-BANDWIDTH OPTIONS REDIRECTED...
2008 Oct 24
6
routing packet from/to source/destination
Hi all and specially Mr. Tom.... (Please, do not be acid with me please! I am only a newbie, trying learn more about shorewall) I get involved with a Firewall Project in a customer here in my city... In this customer, he has two Internet Providers. So, he ask me how make certain connection following one routing path (like RT_1) and others connections type, following the other routing path
2003 Aug 12
1
Shorewall Keeps sending false IP Address Conflict
...'']'' + do_initialize + export LC_ALL=C + LC_ALL=C + PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin + terminator=startup_error + version= + FW= + SUBSYSLOCK= + STATEDIR= + ALLOWRELATED=Yes + LOGRATE= + LOGBURST= + LOGPARMS= + ADD_IP_ALIASES= + ADD_SNAT_ALIASES= + TC_ENABLED= + LOGUNCLEAN= + BLACKLIST_DISPOSITION= + BLACKLIST_LOGLEVEL= + CLAMPMSS= + ROUTE_FILTER= + NAT_BEFORE_RULES= + DETECT_DNAT_IPADDRS= + MUTEX_TIMEOUT= + NEWNOTSYN= + LOGNEWNOTSYN= + FORWARDPING= + MACLIST_DISPOSITION= + MACLIST_LOG_LEVEL= + TCP_FLAGS_DISPOSITION= + TCP_FLAGS_LOG_LEVEL= + RFC1918_LO...
2004 Aug 07
11
Traffic shaping?
Ok, shaping on Linux is new to me.. so bear with me if i am just stupid. curtain:/etc/shorewall# grep TC shorewall.conf | grep -v ^# TCP_FLAGS_LOG_LEVEL=info TC_ENABLED=Yes CLEAR_TC=Yes TCP_FLAGS_DISPOSITION=DROP curtain:/etc/shorewall# So it should be enabled, right? ---- tcrules ---- 1 eth0 0.0.0.0/0 all 2 eth1 0.0.0.0/0 all 2 eth2 0.0.0.0/0 all 3 fw 0.0.0.0/0 all 20 192.168.0.161/32...
2013 Sep 16
7
Rsync rules for Shorewall
Hi folks, I''m having an issue with rsync between my firewall and an internal box. It seems to be a shorewall issue (or correctly speaking, an issue with my shorewall config) because if I disable shorewall my rsync works fine. And I just can''t find it documented anywhere what I need to do. I have rules like this : root@userver:/etc/shorewall# grep -i Rsync rules
2004 Apr 16
1
Traffic Shaping using Shorewall and WonderShaper
Hi Guys, I''m asking this question again because I have exhausted resources for understanding how to get it to work. I''ve read the howto on getting traffic shaping to work (shorewall''s web site) as well as trying out wondershaper''s htb and cbq scripts. Somehow both does not seem to happen as I want it to. I''ve also read through the lartc
2010 Feb 16
0
Traffic Shaping on a machine that isn't just a firewall
Hi, I''m using Shorewall 4.2.10 in Ubuntu 9.10, and I tried to set up some Traffic Shaping in my network since I share it with my brother and he''s using more than he should. Since this is an old version, I''m using TC_ENABLED=Internal. Everything is working nicely except for the localhost. It falls under the "default" class, and I don''t know how to include it in the second mark. My configuration is: eth1 - 10.0.1.0/24 - Receives the Internet connection from the modem eth0 - 10.0.0.0/24 - LAN that Sh...