Hello, I would like to know if its possible to limit bandwidth per IP using shorewall. I have a LAN and inside, clients so what I want to do is to share the bandwidth, but with restrictions. For example, for 192.168.1.20, 128Kbits incoming bandwidth, and for 192.168.1.23, 512kbits. Whats the best way to start? Regards, ________________________________________________ Alejandro Bitran B. ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
Alejandro Bitran wrote:> Hello, > > I would like to know if its possible to limit bandwidth per IP using > shorewall. I have a LAN and inside, clients so what I want to do is to > share the bandwidth, but with restrictions. For example, for > 192.168.1.20, 128Kbits incoming bandwidth, and for 192.168.1.23, > 512kbits. Whats the best way to start? > >thios is the best way to start : http://www.shorewall.net/traffic_shaping.htm
On Monday 13 March 2006 13:55, Cristian Rodriguez wrote:> Alejandro Bitran wrote: > > Hello, > > > > I would like to know if its possible to limit bandwidth per IP using > > shorewall. I have a LAN and inside, clients so what I want to do is to > > share the bandwidth, but with restrictions. For example, for > > 192.168.1.20, 128Kbits incoming bandwidth, and for 192.168.1.23, > > 512kbits. Whats the best way to start? > > thios is the best way to start : > http://www.shorewall.net/traffic_shaping.htmBe be warned that you cannot shape incoming traffic -- you can only drop packets on the floor when the incoming rate exceeds a set maximum. So if you are interested in limiting download rates then you must shape traffic going out of your *internal* interface. Suppose that your External interface is eth0. Then you could have in /etc/shorewall/tcrules: 20:F eth1 192.168.1.20 23:F eth1 192.168.1.23 That would assign mark 20 to internet traffic for 192.168.1.20 and mark 23 to 192.168.1.23. Then use the marks to assign the traffic to classes -- one class per IP address. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key