Displaying 20 results from an estimated 700 matches similar to: "Traffic Shaping"
2008 May 11
13
Message flooding of syslog
Greetings;
My syslog is getting 100s of thousands of messages like
the following (these are just a sample); (BTW I am
running Debian/lenny)
> May 11 12:41:31 gatekeeper kernel: BANDWIDTH_IN:IN=eth1 OUT=eth0 SRC=192.168.0.4 DST=64.15.118.171 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=37901 DF PROTO=TCP SPT=1307 DPT=80 WINDOW=17640 RES=0x00 ACK URGP=0
> May 11 12:41:31 gatekeeper kernel:
2006 Mar 03
3
tcdevices Error
Version 3.0.5 with the two-devices setup (eth0 - net, eth1 - loc).
Kernel 2.4.29
tcdevices, tcrules, and tcclasses are clones of the wondershaper example
(http://www.shorewall.net/traffic_shaping.htm) with eth0 replacing ppp.
With TC_ENABLED=Internal in shorewall.conf:
----
Validating /etc/shorewall/tcdevices...
Validating /etc/shorewall/tcclasses...
ERROR: device A seems not to be
2008 Apr 26
2
Cannot use SSH from dmz to lan
Hello,
The shorewall version is shorewall-3.0.7-1 installed in Centos 5.1 (kernal 2.6.18-53.el5) on March.
Number one problem is:
I edited the policy file was
dmz loc ACCEPT info
I could use 3389 remote desktop to loc Windows 2003 server but couldn''t use SSH (22 port) to loc Linux server. Also I tried open that two ports in
2008 Apr 09
2
Captive Portal with Shorewall
.
"Saluton",
Sorry by my poor english, I speak Portuguese.
I does a captive portal using:
- shorewall
- dhcpd
- thttpd (in port 8080)
- maradns
With Shorewall I use dinamic zones.
The initial zone in shorewall is
configured to redirects access to
internal thttpd port 8080, that
shows a login.cgi page.
With thttpd I rewrite original url.
The apache rewrite is very cool, but
thttpd
2008 Apr 14
1
Per VLAN Bandwidth allocation by Shorewall
Hi,
1. We have 20+ VLANs behind shorewall firewall. We would like to distribute
the Internet bandwidth to different VLANs having minimumm, typical and
maximum values based on IP ranges after NAT e.g., 172.17.4.0/24. What rules
need to be created to do so?
2. We also would like to time the access of internet of some of the VLANs,
i.e., 172.17.4.0/24 should be allowed to access the internet only
2006 Mar 30
3
Difficulty in configuring QOS
Hi,
I''m trying to configure QOS , but I''m don''t have success.
My files:
#/etc/shorewall/tcdevices
#INTERFACE IN-BANDWITH OUT-BANDWIDTH
eth0 256kbit 256kbit
eth1 256kbit 256kbit
eth2 256kbit 256kbit
#/etc/shorewall/tcclasses
#INTERFACE MARK RATE CEIL PRIORITY OPTIONS
eth1
2008 Mar 19
0
block p2p
Hello,
I am trying to block or at least drastically reduced the amount of
wasted bandwidth—due to p2p—on a building wide network. My first
attempt, was to block it out right. I am running debian etch on my
router/proxy/dhcp/dns server. I loaded the ipp2p kernel module and the
iptables module. Then I put the following rule in my rules file:
SECTION ESTABLISHED
REJECT loc net ipp2p:all ipp2p
2007 Mar 13
1
Shorewall and QoS => VoIP Help please
Hi
i want see if my QoS are good because i am not very sure ... the VoIP
quality are not very good when i download.
I have on my Linux routeur/Firewall Asterisk .. and i have into my config :
================================================
tcdevices:
eth0 2000kbit 2000kbit
tcclasses:
eth0 1 100kbit 180kbit 1 tos=0x68/0xfc,tos=0xb8/0xfc
eth0 2 full/4 full
2012 Aug 29
2
tcclasses matching on the TOS field
Hello,
I am trying to set up traffic shaping/control for my voip connection.
I am running 4.4.22.3. Here is my current configuration:
--- tcdevices ---
#NUMBER: IN-BANDWITH OUT-BANDWIDTH OPTIONS REDIRECTED
#INTERFACE INTERFACES
eth1 2048kbps 1500kbps
-- tcclasses ---
#INTERFACE:CLASS MARK RATE: CEIL PRIORITY OPTIONS
# DMAX:UMAX
eth1 1 100kbps
2008 Mar 05
2
Shorewall & IFB
Hello Tom!
After i read and analyze some docs about IFB i decide that for implement
this feature in Shorewall not need more efforts (of course i may be wrong).
If we have 'ifb0' device then we must activate ingress discipline on real
device (f.e. eth2) and redirect 'egress' from it to 'ifb0'.
tc qdisc add dev eth2 ingress
tc filter add dev eth2 parent ffff: protocol ip
2006 Mar 09
3
Shaping questions
Hello Shorewall users,
I have some questions I am hoping someone can answer. I have searched
around the archives but so far I have been unable to find answers. I
am trying to configure traffic shaping on my router/firewall box
running Shorewall 3.0.5/kernel 2.4.31 and have run into some
problems/questions.
My basic set up is: 1500/256kbit ADSL (PPPoE/ppp0) -> Shorewall box
2006 May 01
1
Traffic Shaping with Shorewall
Does anyone here implement traffic shaping with shorewall? I need to shape
BitTorrent traffic on my network so that upload/downloads do not overwhelm
normal function or, even more importantly, my imminent conversion to VOIP for
all telephone service. I followed the shorewall documentation guide but am
not sure if what I have done is the Right Way Of Doing Things. Nor am I
satsified with the
2007 Jan 04
3
TC again - now working on VPN traffic
Hi!
It''s me again bothering you guys, what I want to do is to give full
bandwidth to VPN traffic and limit the rest to 30KB/s (kilobytespersecond),
ok?
Here''s what I have:
tcclasses
##################################
eth0 1 1kbps 70kbps 1
eth0 2 1kbps 30kbps 2 default
eth1 3 15kbps 10000kbps 1
eth1 4
2013 Oct 03
7
TCCLASSES vs Providers
Hi, I want to configure QoS in my shorewall conf but I have a doubt.
Now I am using tcrules with prerouting and with the file providers, like
this.
2:P 192.168.0.11 0.0.0.0/0 tcp 25
So, with this way I route my smtp traffic with my provider number 2.
Well, now I want to configure QoS with tcclasses and tcdevices, but if I do
that I need to use the MARK in the tcclasses
So, how
2005 Dec 27
0
HTB: quantum of class 10001 is big. Consider r2q change.
Hi,
I have this message in my syslog:
HTB: quantum of class 10001 is big. Consider r2q change.
I don''t know why it''s there. I think all my setup is right. I am
shaping traffic from my web server. It lives at three IP addresses,
first is fast (and most important - aaa.bbb.ccc.1), second slower
(aaa.bbb.ccc.2), third slowest (aaa.bbb.ccc.3). Total bandwidth is
2700kBps. Other
2007 May 04
0
Pls help on Shorewall installation
Hi all,
This might be more suitable for the shorewall list, but no one has replied yet
for several days. I'm trying bandwidth management feature of
shorewall-3.4.1-3 on Centos 4.4
with no updates.
I've got this error:
May 4 22:30:14 gateway shorewall: ERROR: Command "tc qdisc add dev eth0
root handle 1: htb default 13" Failed
I've checked the kernel conf (make
2010 May 29
1
IFB0 throughput 3-4% lower than expected
I have two boxes for the purpose of testing traffic control and
my knowledge thereof (which is at the inkling stage). The boxes are
connected by 100Mbit ethernet cards via a switch.
For egress traffic via eth0 I achieve a throughput that is close to the
specified CEILing, particularly for values above 1mbit. Ingress traffic
does not seem so well behaved. Above about 1mbit rates achieved are
2013 Nov 14
1
Possible bug: TC with HFSC fails to load if umax is not provided
I stumbled upon a problem while upgrading Ubuntu 13.04, Shorewall version
from 4.4.26.1 to 4.5.16.1.
Everything was working fine before, after upgrading the script wouldn''t
start.
First some config files.
tcdevices:
#INTERFACE IN-BANDWIDTH OUT-BANDWIDTH OPTIONS REDIRECTED
eth1 - 6300kbit hfsc,classify
ifb0 - 6300kbit hfsc
2009 Jun 18
0
Shorewall 4.2.10
The Shorewall team is pleased to announce the availability of Shorewall
4.2.10. Astute users will notice that the version of Shorewall-perl
included in this release is 4.2.10.1. We corrected a problem which was
discovered after the release was initially uploaded, and we wanted to
avoid the confusion that would inevitabley result if we were to release
a different set of code with the same version
2012 Sep 27
5
Understanding IFB
I''m experiencing a problem with masquerade downloads saturating my
internet connection. I''ve implemented an IFB and now am looking into
flow keys. Although I''ve read the documentation, I''m not sure I have
this right. Can someone help?
/etc/shorewall/params:
MID_IF=eth0
MID_IF_TC=1
INET1_IF=eth1
INET1_IF_TC=2
INET1_IFB_IF=ifb0
INET1_IFB_TC=3
Note: MID_IF