Beta 3 is now available for testing.
The new feature in this release is the improved handling of IN-BANDWIDTH
that I''ve been working on with Simon.
The handling of IN_BANDWIDTH in both /etc/shorewall/tcdevices and
/etc/shorewall/tcinterfaces has been changed. Previously:
a) Simple rate/burst policing was applied using the value(s)
supplied.
b) IPv4 and IPv6 were policed separately.
Beginning with this release, you have the option of configuring a
rate estimated policing filter. This type of filter is discussed at
http://ace-host.stuart.id.au/russell/files/tc/doc/extimators.txt.
You specify an estimeting filter by preceding the IN-BANDWIDTH with
a tilde (''~'').
Example: ~40mbit
This example limits incoming traffic to an *average* rate of 40mbit.
There are two other other parameters that can be specified, in
addition to the average rate - <interval> and
<decay_interval>. There is an excellent description of these
parameters in the document referenced above.
Example: ~40mbit:1sec:8sec
In that example, the <interval> is 1 second and the
<decay_interval> is 8 seconds. If not given, the default values are
250ms and 4 seconds. Both parameters must be supplied if either is
supplied.
Also in this release, the policing of IPv4 and IPv6 has been
combined so a single filter is applied to all traffic on a
configured interface.
Thank you for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2d-oct