similar to: Policing IPv6 traffic

Hello everybody on the list, I have the following situation where I want to police the speed of incoming packets from specific subnets to 1024kbps and then police all the rest to 256kbps, which is the speed my ISP grants for the rest of the internet. So, eth1 is the one connected to the cable modem and then to the internet. I do: tc qdisc add dev eth1 ingress handle ffff: then: tc filter

This is an update to the iproute2 command set. It can be downloaded from: http://developer.osdl.org/dev/iproute2/download/iproute2-2.6.18-061214.tar.gz Repository: git://git.kernel.org/pub/scm/linux/kernel/git/shemminger/iproute2.git For more info on iproute2 see: http://linux-net.osdl.org/index.php/Iproute2 The version number includes the kernel version to denote what features are

Adam Jackson (1): Linux: Fail gracefully on machines without PCI. Alan Coopersmith (3): Initialize err to 0 in pci_device_solx_devfs_map_range Add pci_system_solx_devfs_create prototype to pciaccess_private.h Fix lint warnings in solx_devfs.c Danny van Dyk (1): Fix function prototypes for C++ Dave Airlie (2): linux: add pci_device_enable entrypoint and sysfs

I''m having trouble getting ingress policing to work on a bridged device. The bridge contains several interfaces: peth0, vif0.0, vif[1-7]0.1, vif[25].1 . (This is under xen, in case the vif''s didn''t give that away, so peth0 is renamed eth0.) The tc rules I have are: tc qdisc del dev peth0 root tc qdisc del dev peth0 ingress handle ffff: tc qdisc add dev peth0 root

Hi, I''m trying to police the incoming traffic by using ingress qdisc,this is what I have in my script tc qdisc add dev eth0 handle ffff: ingress tc filter add dev eth0 parent ffff: protocol ip prio 4 \ handle 1: u32 divisor 1 tc filter add dev eth0 parent ffff: protocol ip prio 4 u32 \ match ip dport 4001 0xffff \ police rate 2000kbit burst 50k drop \ flowid

Hi folks I have created a script file (dsmark+policing.sh attached) to check graphic an text outputs of simutations, against original examples/dsmark+policing coding (see TCNG Reference Manual-pg.90). It uses tcng coding (*.tcsim file attached) and old tc coding (*.tcsim_old file attached) inserted in tcsim files. Observation 1: The graphic outputs from (*.tc included in *.tcsim) and (*.tc_old

Hi, I''m trying to police ingress traffic based on port numbers and IP addresses. The u32 match based on IP addresses seems to work without issues and I''m am able to police incoming packets. However, the same isn''t working with u32 matches based on TCP port numbers. For port numbers, I added exactly one ''u32 match'' rule: common for both: # tc qdisc add

Suspend your disbelief, it's 1.4.1. Better imperfect than never at all, I guess. Contains a few security and input fixes, some memory leak fixes, and a few misc bits. git tag: xorg-server-1.4.1 http://xorg.freedesktop.org/archive/individual/xserver/xorg-server-1.4.1.tar.bz2 MD5: 0d638b6857408bb2e564e0c7b772d9a1 xorg-server-1.4.1.tar.bz2 SHA1: b5a020f6a5cc4b16296dadbc9c82073201d7d01a

Hi listizens, Complete tc newbie here. I''m in a pinch because of a mail assault on a server. I''ve firewalled away many of the most egregious offenders but non-smtp services are still being DOS''ed because of all the mail traffic. Here is what I''ve tried. (I did say newbie ;) ----------------- #!/bin/sh # # policing parent tc qdisc add dev eth0 handle

My attempts to configure policing are stopping incoming traffic all together. From the LARTC HOWTO, I gather that the following lines should limit incoming traffic on eth0 to 32kbit by dropping packets above this threshold: tc qdisc add dev eth0 ingress tc filter add dev eth0 parent ffff: protocol ip u32 \ match u8 0x0 0x0 \ police rate 32kbit burst 10k drop \ classid :1 Instead,

Hi all I''m new to this list, but not exactly to iproute stuff. I''d like to solve a specific problem with bandwidth coming from different external sources towards the internal network (also the other way around, but I figure that''s not so much a problem, since that is egress traffic shaping). The network looks like this: internet ------ ISP-------[shaping/router]

Aaron Plattner (2): Bug #14692: Allow drivers to have a say in Xinerama visual consolidation. Short-circuit PanoramiXTranslateVisualID after verifying that the visual actually exists first. Adam Jackson (25): Fix segfault when a monitor exists but has no modes. Size xf86DefaultModes explicitly. Bug #14927: Fix the math for xf86NumDefaultModes. Add the

On Tue, 22 Feb 2011 11:15:39 +0100 "PIOTREK H." <komarekmz@tlen.pl> wrote: > Welcome > > I have a problem with the new iproute "iproute2-2.6.37.tar.bz2 07-Jan-2011 9:18 (the problem from version 2010 to 2011). > Three problems: > a) with filters for UDP traffic > problem affects only the queuing traffic to the machine on which you work qos > In the case

Hi, I''m having issues with policing my incoming traffic by matching packet marks made by iptables. I''ve checked as many sites and guides as I can find, and I seem to be doing the exact same thing as they all are, but there''s still no success. As such, I was wondering if anyone can have a quick look to see if I''ve done anything obviously stupid? Essentially, I

Is it possible to have multiple filters around an ingress so that you can police your downloads more specific. What I''m trying to achieve is to have all my ftp-traffic limited to 1024kbit on downloads. I included some commands below so that you might better understand my thoughts on the matter. tc qdisc add dev eth0 root handle 1: htb default 2 tc class add dev eth0 parent 1: classid 1:1

I just noticed that policers don''t seem to work with marks in 2.6 . Can anyone get - iptables -A PREROUTING -t mangle -p tcp -j MARK --set-mark 1 tc qdisc add dev eth0 handle ffff: ingress tc filter add dev eth0 parent ffff: protocol ip prio 1 handle 1 fw police rate 100kbit burst 10k drop flowid :1 To work on a 2.6 - it''s OK on 2.4.26, version of tc used makes no

Hi all, I have 2 questions regarding policing 1. What is the problem with policing as in most mesages I can find people say don''t but I have not found a why? 2. I have the egress below working (numbers in example are bogus, I know). How do I add an ingress policy? /* compile this file with tcc filename > limit.sh and run that file */ dev eth1 { egress { class (

I''ve followed this list for quite a long time and have even posted a couple of times. I used the early versions of IMQ from Devik (I think that was his name), and it worked well. I only ever got the chance to implement it in my test environment. I now need to implement it in my production environment. My Linux core router has nine interfaces and has a 27 megabit connection to the

[I sent this earlier but I guess the list is subscriber-only?] I just set up wondershaper, it has a simple filter on the downstream direction to limit the bandwidth usage: tc qdisc add dev $DEV handle ffff: ingress tc filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip src \ 0.0.0.0/0 police rate ${DOWNLINK}kbit burst 10k drop flowid :1 This is effective but is there any way to

Hello, What exactly is the use of the "reclassify" option in the policing options of tc filters? According to LARTC: " reclassify Most often comes down to reclassification to Best Effort. This is the default action. " I don''t quite get the meaning of that. It could mean to let other filters handle it, but that is exactly the "continue" option. Could