Displaying 20 results from an estimated 1000 matches similar to: "Packet loss with htb+sfq+l7filter"
2004 Nov 29
2
Interesting oopses...
OK - this is starting to get frustrating... Are there any known issues
with 2.6.9 and traffic shaping? I am using 2.6.9 with geoip 20041115,
and get odd oopses. The following script oopses my box:
-----------------------------------------------------
#!/bin/sh -x
IFOUT=''eth1''
IFIN=''eth0''
TC=''/sbin/tc''
2005 Dec 22
5
control p2p upload bandwidth rate
Hi all,
I am running Slackware 10.1 with Kernel 2.6.14.3 includes iptables 1.3.4
with layer 7
My network diagram below: -
INTERNET --- LINUX_ROUTER_FW --- PCs
Below is my simple iptables script: -
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t mangle -A POSTROUTING -m layer7 --l7proto applejuice -j MARK
--set-mark 1
iptables -t
2012 Jul 10
2
how can I show the xlab and ylab information while using layout
hi R-users:
I want to draw three plot into one figure by layout and the script has
been shown below.
But I find R does not show the xlab and ylab information completely as
shown the figure attached.
How can I midify the script.? thank you .
xxlab<-paste(cpmd," (",ro,"%)",sep=" ")
yylab<-paste(rfmd," (",co,"%)",sep=" ")
2005 Jul 06
8
HTB and bittorrent, won''t work
Hello,
I''ve been trying to shape the bittorrent traffic (on my external interface,
upload), but without luck, for this I''m using layer7 filter right now, but
I''ve also tried ipp2p, with the same results, I might say that this is not a
problem with this packet classifiers, the problem is with HTB, here''s why.
When I open azureus (the bittorrent client I
2006 Nov 12
1
Script for get bandwidth statistic from iptable
i search a lot forum how to get bandwidth statistic such number of packet, total byte in each application protocol by using IPTABLES + netfilter-layer7
but i don''t know which script for getting it in log file and use data after get it for plotting graph later
my IPTABLES command like this
iptables -t mangle -N all
iptables -t mangle -A POSTROUTING -j all
iptables -t mangle -A
2007 Sep 19
2
bittorrent traffic...
Hi,
Thanks for the reply.
Mohan Sundaram wrote :
> mark in iptables and use tc to classify using mark.
Mark like this ?
iptables -A INPUT -m layer7 --l7proto bittorrent -j MARK --set-mark 3
and then..
tc filter add dev eth0 protocol ip parent 1:0 1 handle 3 fw flowid 1:10
and lets say we have a flowid 1:3 declared to use at 60kbit ceil 60kbit
Is that proper ?
If so then it
2005 Jul 08
2
P2P shaping, won''t work
Hello, its me again, I won''t stop sending emails to this list, until I solve
this problem, I''ve tried several apps to create the right htb rules (even
made them my self), but I always get the same results, traffic gets shaped,
but I can''t use my bandwidth, and this is weird, because I should be able to,
also I keep seeing download being limited too, and that
2005 Feb 16
9
DSCP, ToS and Egress
I''m successfully using HTB + GRED to shape traffic based on the DSCP field. I
would like to strip the DSCP and possibly replace it with normal ToS bits on
egress traffic leaving my network. Leaving DSCP set is pointless, and could
potentially cause problems with some ISPs that use DSCP internally I suppose.
Setting ToS bits would seem ideal as most networks still honor it to varying
2006 Jan 12
1
Qos and bandwidth control
hi everybody.
im trying to set up an QoS config, using layer7
(http://l7-filter.sourceforge.net/) for protocol detection.
im suposing 3 clients with this configuration:
3 clients: 1.2.3.1 , 1.2.3.2 , 1.2.3.3
1.2.3.1 has 256kbit bandwidth "guaranteed"
clients 1.2.3.2 and 1.2.3.3 has 256kbit bandwith
so im marking every packet using layer7 iptables module, classifying them in
three
2004 Jul 09
14
Layer 7 netfilter not working
Hello there!
I am trying to get traffic shaping working on my Linux router (debian
woody 3r02) and for some things I wanted to use the layer 7 packet
classifier, but I can''t get it to work.
Here is what I did:
-downloaded the patches from http://l7-filter.sourceforge.net
-downloaded the kernel 2.6.7 source
-downloaded the iptables 1.2.11 source
-patched kernel (layer7 patch and some
2007 Jul 05
4
Load Balancing , MSN and SSL
HI All ,
I am running a FC6 box with two internet links with load balance . Every
thing is working fine expect the MSN connection that failed and reconnect
every time and SSL connections . I would link to know if with the nona
howto I could fix that .
I have been tried with no success to redirect that connection only to one
link but its look like do not work . Here my configuration :
2006 Dec 12
1
Layer7 module doesn''t detect nothing on my bridge with a 2.6.18.3 kernel
Hello
I''ve setuped a QOS bridge under debian 3.1 using 2.6.18.3 kernel +
iptables 1.3.6
I''ve patched the kernel an Iptables with esfq+layer7 without problems.
This simple script doesn''t log nothing ... And I''m sure to have eMule
traffic (I''ve checked with tcpdump )
If I remove " -m layer7 --l7proto edonkey \" line I can see
2005 Jan 22
2
Layer 7 packet classifier doesn''t recognize packets sent by the router itself
Hi there,
I have a little problem. I had this some months ago but didn''t solve it
back then. I have patched my kernel with Layer 7 support and patched my
iptables to support it, too.
Now I inserted this line in my firewall script on my router for testing
purpose:
$IPTABLES -t mangle -A POSTROUTING -o $INET_IFACE -p tcp -m layer7
--l7proto http -j DROP
It works, BUT only if the
2006 Sep 21
0
layer7 http
hello,
I try to use layer7 filter to classify packets. I have a proble with http match. This protocol seems to work well with l7-filter (http://l7-filter.sourceforge.net/protocols) but for me nothing is filtering in http class. Someone can help me ?
Here is my script :
#!/bin/bash
IPT_BIN=/sbin/iptables
TC_BIN=/sbin/tc
INTER_OUT=ppp0
LINK_RATE_UP=1000Kbit
RATE_ACK=200Kbit
RATE_DEFAULT=100Kbit
2007 Sep 03
3
Classes do not receive any traffic ?
Hello everyone.
CONFIGURATION DESCRIPTION:
I have a linux box doing masquerade for two lan''s. Here is a piece of
mine network config:
eth0 : ISP , one public ip address (DSL modem)
eth1 : lan , private network address fe: 192.168.4.0/24
eth2 : wlan access point performing as lan2wlan bridge , private network
addes fe. 192.168.67.0/24
This box use 2.6.20 kernel with iptables-1.3.8
2004 Aug 04
5
Asterisk QOS working perfect using sveasoft 3.11g
As seen on my post at:
http://www.sveasoft.com/modules/phpBB2/viewtopic.php?p=28112#28112
This works very well... It does NOT work with stable 4.0! sveasoft
will be issuing a bug fix for this (4.1) in the near future.
Final Rev of working script w/ asterisk support
I'm not going to run alchemy on production machines until it is stablish.
Remember to set your uplink properly and to set
2007 Jun 08
5
CBQ + Layer7 x Emule
Hi All ,
My first message and I have a little problem with my FC6 box trying to block
emule traffic using layer7 .
Here my network :
Internet --------- ADSL Router ------------------- FC6 Box
-------------------- Emule Box
external ADSL : Dynamic
Internal ADSL : 192.168.254.1
external FC6 : 192.168.254.3
internal FC6 : 192.168.253.1
Emule Box : 192.168.253.3
I guess that everything
2006 Jan 25
4
tcf_action_destroy destroying
Hi,lartc
I used iproute-060110 with iptables1.3.4 on gentoo 2005r1 kernel 2.6.14-5.
I find some error messages in system logfile:
HTB: quantum of class 10001 is big. Consider r2q change.
HTB: quantum of class 10010 is big. Consider r2q change.
tcf_action_init_1: successfull police
HTB: quantum of class 20001 is big. Consider r2q change.
HTB: quantum of class 20020 is big. Consider
2006 Dec 06
0
Configuring a QoS Box + Cliente Bandwidth Control
Hello all,
I am trying to configure a linux box to make some QoS into my
netowork and, at the same box, control my clients bandwidth. I have this
classes created:
----------------------------------------------------------------
UP="eth0" # wan infocontabil
DL01="eth2" # lan clientes
$TC qdisc del dev $DL01 root 2> /dev/null >
2005 Aug 02
0
iptables -m layer7 - doesn''t work
I''ve compiled my kernel (2.6.12.3) and iptables (1.3.3) and now -m
layer7 option from iptables works (i don''t get any error when run the
iptables command with -m layer7).
The problem is that no packet is matched. For example iptables -A INPUT
-p tcp -m layer7 --l7proto http -j ACCEPT doesn''t match http packets.
The same for dns and ssh.
So, what am I doing wrong? Is this