similar to: incoming traffic + iptable

Displaying 20 results from an estimated 3000 matches similar to: "incoming traffic + iptable"

2007 Sep 25
2
incoming traffic
Hello, i made this script : tc qdisc add dev eth0 handle ffff: ingress tc filter add dev eth0 parent ffff: protocol ip prio 1 u32 match ip src 138.96.20.0 police index 1 rate 20000kbit burst 20000kbit drop flowid :1 tc filter add dev eth0 parent ffff:1 protocol ip prio 1 u32 match ip src 138.96.20.23 police index 2 rate 15000kbit burst 15000kbit drop flowid :2 tc filter add dev eth0 parent
2007 Feb 27
2
Incoming traffic
Hello, with the command : tc filter add dev eth0 parent ffff: protocol ip u32 patch ip src 192.168.2.6police rate 10000kbit burst 10000kbit drop flowid :1 we can limit traffic coming from 192.168.2.6. I would like: for 192.168.1.2, 192.168.1.4 limit to 10mbit for 192.168.1.3, 192.168.1.5 limit to 20mbit other ip would have no limit. Is it possible with tc ? Regards Olivier.
2006 Jun 16
3
tc ingress policing with multiple subnets
Hello everybody on the list, I have the following situation where I want to police the speed of incoming packets from specific subnets to 1024kbps and then police all the rest to 256kbps, which is the speed my ISP grants for the rest of the internet. So, eth1 is the one connected to the cable modem and then to the internet. I do: tc qdisc add dev eth1 ingress handle ffff: then: tc filter
2007 Jul 30
17
tc n00b
Hi everyone, I''m new to tc but I need to use it to set up shaping on a new NAT box. In short: Each user must have their upload limited to 128kbit and downlink limited to 256kbit. Global bandwidth to be limited to 100Mbit Interactive packets to have higher priority 200+ users, so need to match packets fast So far I have managed to get the download limits working. However I need to
2006 Aug 16
4
How to bypass traffic control for one IP
Hi all, i have a problem: i have an adsl modem that is connected to internet. I can''t manage this modem. Between my PC and the modem i have a linux firewall that make the NAT and the traffic shapping. I have create a script that limit the bandwidth of the "external" interface of the firewall so i can manage my bandwidth for my internet application. The problem is that i need to
2007 Jan 16
8
egress bandwidth not limited / limited extremely inaccurately
I''m just-so-fresh to the list, so hello everyone. I''m having a realy hard time with setting up very simple bandwidth management. What I am trying to do is setup a 10Mbit interface to send at only 1920kbit to most of the network (to make sure it hardly ever tops 2mbit). I did succeed with the ingress traffic... With egress however, I get very odd results at different speeds. With
2007 Jul 26
3
tc filter not work, why?
I try to use tc on mips with linux-2.4.18 but the u32 filter dosn''t work I added htb qdisc to linux-2.4.18 and use it to limit the speed in LAN, it only work well on the default class, for example tc qdisc add dev eth0 root handle 1: htb default 10 tc class add dev eth0 parent 1:0 classid 1:1 htb rate 2000kbit tc class add dev eth0 parent 1:1 classid 1:10 htb rate 500kbit ceil 500kbit
2002 May 21
5
ingress and egress
ingress can be used to control the incoming packet, such as: tc qdisc add dev eth0 handle ffff: ingress tc filter add dev eth0 parent ffff: protocol ip prio 5 u32 match ip src 172.16.1.11 police rate 10kbit burst 10k drop flowid :1 tc filter add dev eth0 parent ffff: protocol ip prio 5 u32 match ip src 172.16.1.22 police rate 10kbit burst 10k drop flowid :2 first ,I do not sure these method can
2007 Jun 20
8
Why does scp stall on low bandwidth connections?
Hi, I am new to tc and have been reading quite a bit on how to set it up etc. Everything seems to be working fine, until I started scp-ing a large file over a low bandwidth connection as part of my testing process. Here is the setup: my pc --- bridge running tc/htb --- rest of network TC is filtering traffic from "my pc" and classifies it as 120kbit (see my script below). I then scp a
2007 Sep 01
9
complete linux and shaping newbie needs help
Hi there good people, I''m a newbie in what concerns running Linux on machines other than desktops, so I need help from all you gurus out there :-) I have Linux installed on an old computer (Winchip C6, Pentium clone), acting as a router/firewall for two other computers. Both these machines are connected to the firewall via a dedicated ethernet card each, on different subnets,
2007 Feb 04
4
tc ingress + iptables mark problem
Hi guys , i am starting to "play" with qos in linux. Well , i am trying to setup an ingress filter but i do not know why it is not working. tc add qdisc dev eth0 ingress tc filter add dev eth0 parent ffff: protocol ip prio 1 handle 1 fw police rate 160kbit burst 256kbit drop flowid :1 After that : iptables -A PREROUTING -t mangle --sport 80 -j MARK --set-mark 1 So , i think this
2004 Nov 16
2
tc rules for Internet Radio
I am currently using the ultimate-tc script from http://lartc.org/howto/lartc.cookbook.ultimate-tc.html and I want to make sure that internet radio packets (mp3 streaming audio) will always get through no matter what. I have added some iptables commands like this: iptables -A OUTPUT -t mangle -p tcp --dport 8000 -j TOS --set-tos Minimize-Delay iptables -A OUTPUT -t mangle -p tcp --sport 8000 -j
2006 Apr 09
10
Trying to do some very simple ingress limiting, no success
Hi, I am trying to do some simple ingress limiting based on fwmark. I know the ability and sense to do INGRESS limiting is ehm... limited ;-) but still I want to try it. I tried several things. === 1 === tcq ingress handle ffff: tcf parent ffff: protocol ip prio 1 handle 1 fw police rate 12mbit burst 10k drop tcf parent ffff: protocol ip prio 1 handle 2 fw police rate 10mbit burst 10k drop
2007 Apr 11
4
Policing based on port numbers
Hi, I''m trying to police ingress traffic based on port numbers and IP addresses. The u32 match based on IP addresses seems to work without issues and I''m am able to police incoming packets. However, the same isn''t working with u32 matches based on TCP port numbers. For port numbers, I added exactly one ''u32 match'' rule: common for both: # tc qdisc add
2007 Jul 02
8
Kernel Packet Traveling Diagram
Hi, I find this diagram which details the kernel packet traveling : http://www.docum.org/docum.org/kptd/ Is it up to date ? I made some test and I put a DNAT rules in the PREROUTING table of an interface and I attach it a ingress policy, the dst IP wasn''t changed. the DNAT it isn''t yet make. I''ve another question (I''m not sure is it the good mailing list), for
2006 Jun 30
1
police rate doesn''t work ?
I would like to test police in ingress. I use kernel 2.4.20. I use this configuration: iptables -t mangle -A PREROUTING -i eth0 -s 10.31.12.2 -d 10.31.11.2 -p udp --dport 1001 -j MARK --set-mark 1 iptables -t mangle -A PREROUTING -i eth0 -s 10.31.12.2 -d 10.31.11.2 -p udp --dport 1002 -j MARK --set-mark 2 iptables -t mangle -A PREROUTING -i eth0 -s 10.31.12.2 -d 10.31.11.2 -p udp --dport 1003 -j
2002 Oct 28
6
Fw: wondershaper kills eth0 :(
Hi, When i do ''wshaper start'' the interface i have defined stops routing traffic for some reason. It resumes routing when i do ''wshaper stop''. I''m using debian stable (3.0 woody) with debian''s default 2.4.18-686 kernel. When I run the script I get no errors, and when I do a ''status'', everything looks correct. Can ANYONE
2004 Oct 20
1
throttle particular client ip
I know this will be trivial for most, but I am having trouble with getting my scenario to work correctly. I want to ''tag'' and ''throttle'' the bandwidth to and from a particular client on my lan side. Better yet, I just want to throttle smtp traffic, per say, for that ip. ----lan----------eth1-[linux.box]-eth0----------internet I have used the technique
2005 Aug 09
4
Too slow computer?
Hello! I''ve put some questions on this list some weeks ago and I''ve got good answers. Thank you! Now I''ve finished my (beautyful) script and I ran it on my router... About my script: It routes packages based on their destination on the Internet. I have about 1650 preffered destination networks listed in some file. The script read this file and marks every package for
2002 Jun 12
3
Why this stupid ingress tc does not work ?
Hi ! I wanted to shape my analog modem connection so I took these two lines from the ''wondershaper'' script: tc qdisc add dev $DEV handle ffff: ingress #tc filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip \ src 0.0.0.0/0 police rate ${DOWNLINK} burst 10k drop flowid :1 with DEV=ppp0 and DOWNLINK=24kbit. But, when I activate it, nothing comes back from the