similar to: Re: Bandwith Control with a firewall/bridge

Hello everyone, First of all, sorry for my poor english. I''ve been working with this for a few weeks and I''m getting sick... I''m trying to control the bandwith in my network using the following script. The machine where the script is running makes NAT, eth0 is connected to the router and eth1 is connected to the Lan. When I run the script it doesn''t appear any

Hello again, First, excuse me for my poor english. I''m trying now to make bandwith control in a firewall machine running Shorewall. This machine is also a bridge using bridge-utils bridge-utils-devel. It is a mandrake 10. The configuration is something like this: FTP/Webserver ------| eth0 eth1 Mailserver

Hello again, First, excuse me for my poor english. I''m trying now to make bandwith control in a firewall machine running Shorewall. This machine is also a bridge using bridge-utils bridge-utils-devel. It is a mandrake 10. The configuration is something like this: FTP/Webserver ------| eth0 eth1 Mailserver

Hi everyone, I don''t know if you remember me, but i had a problem with a machine performing bridge (bridge-utils) and firewall (shorewall) duties. I wanted to control traffic in this machine using iproute2 and tc command with the tcstart and tcrules file in shorewall configuration. My machine hanged up when I used my traffic control script that way, but I found a solution :) The key

I''m streaming audio over a WAN that is 1.5Mbit/s. The audio has to go both ways and can be over tcp or udp. The manufacturers recommend udp as it has less overhead but has a higher chance of dropping out. The audio requires 130-200kbit/s in each direction for a combined 260-400kbit/s. I have two transparent bridges on either side of the WAN to do traffic control. I split it so

Hi, first of all, let me thank you for your great Shoreline Firewall. I use it with great success at home (protecting my WiFi connection). And now if I could have a question about traffic shaping. I did read everything I could find but I still have two problems: first, the MARK from tcrules is not working in HTB based simple tc filter line ("handle $MARK fw classid 1:20"). If I switch

Having study a number of documents on linux traffic shaper, I started to setup my shaping rules in my network. My linux box is running RH AS3 U3, shorewall 2.0.9. It is using PPPoE connected to the Internet firewall: eth0: connect to the adsl modem eth1: private net ppp0: virtual dial up interface for pppoe There is a ftp server on the private net It is listen for port 21 and configured

I''m trying to implement something similar the the diagram in section 9.5.2.1 in the LARTC HOWTO, but must have missed something somewhere :( I''m trying to hack up wondershaper, as it looked like a good place to start.. Here''s where I currently at, but I''ve tried alot of different things, all failing, some worse than others. The end result is to throttle back 126

I have this: class htb 1:29 parent 1:1 prio 0 rate 3000bit ceil 100000bit burst 1599b cburst 1611b Sent 33233 bytes 772 pkts (dropped 0, overlimits 0) lended: 415 borrowed: 357 giants: 0 tokens: -3756376 ctokens: 128779 or this: class htb 1:21 parent 1:1 prio 0 rate 3000bit ceil 100000bit burst 1599b cburst 1611b Sent 57554 bytes 618 pkts (dropped 0, overlimits 0) lended: 193 borrowed: 425

Hi all, I moved wshaper 1.1 cbq file to tcstart, but none of my tcrules are being observed. The only way I can set the marks is by editing the tcstart file. Is there a way to incorporate for tcstart to read and apply my set marks in tcrules? Thank you, ~Andrew Nady.

Ok, shaping on Linux is new to me.. so bear with me if i am just stupid. curtain:/etc/shorewall# grep TC shorewall.conf | grep -v ^# TCP_FLAGS_LOG_LEVEL=info TC_ENABLED=Yes CLEAR_TC=Yes TCP_FLAGS_DISPOSITION=DROP curtain:/etc/shorewall# So it should be enabled, right? ---- tcrules ---- 1 eth0 0.0.0.0/0 all 2 eth1 0.0.0.0/0 all 2 eth2 0.0.0.0/0

Hi there. Currently, our network design has two ISP lines and 3 subnets for LAN. Below are some details :- eth0 - isp1 eth1 - isp2 eth2 - subnet1 eth3 - subnet2 eth4 - subnet3 What i wanted to do is to assign incoming port 80 to our local squid server running on the firewall itself and assigned it to eth0(ISP1). I think it shouldnt be a problem as /etc/shorewall/rules provides a sample of the

I try use setup traffic shaping with Shorewall-4.0.2 and have fault. When i start Shorewall with tc-files configured i get follow messages: ... RTNETLINK answers: No such file or directory We have an error talking to the kernel ERROR: Command "tc filter add dev eth2 parent ffff: protocol ip prio 50 u32 match ip src 0.0.0.0/0 police rate 500kbit burst 10k drop flowid :1" Failed

So after reading the traffic control documentation at shorewall.net I am a little confused. I don''t understand how to use the tcrules file. What I would ideally like to do is setup htb on a per user basis (either by IP or MAC address). If anybody has any hints on the best way to do this or is willing to explain the use of tcrules file a little better (how I could mark it per IP or MAC)

(excuse me for my english) why mark range in tcrules is 1-255 ? iptables support marks > 255. Leandro.

I don''t know whether this is the right place to ask, but kindly point me to an FM that I can R if it isn''t. My wife is creating lots of Kazaa traffic, and I am using rsync to create a full mirror of Red Hat''s FTP site, Aurora Linux FTP site, the LDP site, and some other stuff. Clearly, when one is moving well over 100GB over a 128 Kbps link, this is going to take a

Hi All, I have a custom TC configuration where I''m building the tc hierarchy manually with the tcstart script. I also need to add custom iptables rules in the mangle table to classify the packets. Currently I''m using started to insert the iptables commands, but that''s way too late in the process. I tried putting them into the initdone file, but it''s trying to

I''m currently building a firewall for a network with 2 ISP links. Unfortunately, one of the ISP''s doesn''t support BGP yet, otherwise I would be doing load balancing at the router, instead of the firewall. I''ve been trying to find information on how to get WonderShaper working, but everything I''ve found talks about setting it up for a firewall with one

Hi All. We have a samba server at our location. We are facing out with some issue. User who have the account on the server are able to access "/" root access. I have tried to add an extra line In Home sharing, which is "path = %H", this lined solved my issue, but gave other issue. After implementing this line under Home share, I am not able to open any other user's

I followed the lnt quickstart <http://llvm.org/docs/lnt/quickstart.html> directions but got this diagnostic when doing the setup: bash-3.2$ ~/mysandbox/bin/python ~/lnt/setup.py develop /Users/dcallahan/mysandbox/lib/python2.7/site-packages/setuptools/dist.py:284: UserWarning: The version spec\ ified requires normalization, consider using '0.4.1.dev0' instead of