Hello Everyone, We have a standalone Debian Wheezy box for game/web/VoIP server. My problem is that somehow the inbound traffic is limited to 4kbit/s to 8kbit/s by default whereas it''s set to 3*full/10 with 9*full/10 ceiling. The interface is set to 100Mbit/sec and it actually gives that performance with the corresponding outbound traffic limits. Naturally when I stop shorewall this phantom limit disappears. I think I did everything by the book but I might have missed something. So I would like to set the default outbound limit to what''s in the tcclasses and certain inbound ports to their appropriate values. (The dump files are in the attachment with the config files). There is another favour I''d like to ask: I never had the chance to show my firewall settings to anyone with more experiences and I am not very confident whether they are good enough. We have had a targeted DoS in the past straight after this box was set up in the last year but apparently these settings have solved that issue. May I ask you guys to please have a look at the files and share your suggestions if there is any. Many thanks in advance Regards Tony ------------------------------------------------------------------------------ How ServiceNow helps IT people transform IT departments: 1. A cloud service to automate IT design, transition and operations 2. Dashboards that offer high-level views of enterprise services 3. A single system of record for all IT processes http://p.sf.net/sfu/servicenow-d2d-j
On 06/08/2013 04:23 AM, Tony Sprader wrote:> Hello Everyone, > > We have a standalone Debian Wheezy box for game/web/VoIP server. My > problem is that somehow the inbound traffic is limited to 4kbit/s to > 8kbit/s by default whereas it''s set to 3*full/10 with 9*full/10 ceiling. > The interface is set to 100Mbit/sec and it actually gives that > performance with the corresponding outbound traffic limits. Naturally > when I stop shorewall this phantom limit disappears. > > I think I did everything by the book but I might have missed something. > So I would like to set the default outbound limit to what''s in the > tcclasses and certain inbound ports to their appropriate values. (The > dump files are in the attachment with the config files). >This sounds like Shorewall FAQ 97a. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ How ServiceNow helps IT people transform IT departments: 1. A cloud service to automate IT design, transition and operations 2. Dashboards that offer high-level views of enterprise services 3. A single system of record for all IT processes http://p.sf.net/sfu/servicenow-d2d-j
Hey Tom, Thanks for the help mate, it works brilliant now. And thanks for your contribution to GNU/Linux. Regards Tony On 8 June 2013 15:18, Tom Eastep <teastep@shorewall.net> wrote:> On 06/08/2013 04:23 AM, Tony Sprader wrote: > > Hello Everyone, > > > > We have a standalone Debian Wheezy box for game/web/VoIP server. My > > problem is that somehow the inbound traffic is limited to 4kbit/s to > > 8kbit/s by default whereas it''s set to 3*full/10 with 9*full/10 ceiling. > > The interface is set to 100Mbit/sec and it actually gives that > > performance with the corresponding outbound traffic limits. Naturally > > when I stop shorewall this phantom limit disappears. > > > > I think I did everything by the book but I might have missed something. > > So I would like to set the default outbound limit to what''s in the > > tcclasses and certain inbound ports to their appropriate values. (The > > dump files are in the attachment with the config files). > > > > This sounds like Shorewall FAQ 97a. > > -Tom > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > > > ------------------------------------------------------------------------------ > How ServiceNow helps IT people transform IT departments: > 1. A cloud service to automate IT design, transition and operations > 2. Dashboards that offer high-level views of enterprise services > 3. A single system of record for all IT processes > http://p.sf.net/sfu/servicenow-d2d-j > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users > >------------------------------------------------------------------------------ How ServiceNow helps IT people transform IT departments: 1. A cloud service to automate IT design, transition and operations 2. Dashboards that offer high-level views of enterprise services 3. A single system of record for all IT processes http://p.sf.net/sfu/servicenow-d2d-j
On Jun 9, 2013, at 9:17 AM, Tony Sprader <agentgates@gmail.com> wrote:> Hey Tom, > > Thanks for the help mate, it works brilliant now. And thanks for your contribution to GNU/Linux.You are welcome Tony. Glad to hear that you got it sorted… -Tom Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ How ServiceNow helps IT people transform IT departments: 1. A cloud service to automate IT design, transition and operations 2. Dashboards that offer high-level views of enterprise services 3. A single system of record for all IT processes http://p.sf.net/sfu/servicenow-d2d-j