[LARTC] problem whith htb script

[LARTC] problem whith htb script

[saptah]

Hi all && happy new Year ;)

I'm try to made a script for shaping my outgoing traffic, but it doesn't
work fine.
The script work good if all packets go thru the default class, but, if I
try to send packets by other class, the packes doesn't go by this class
go also by the default class.

This script is installed in a router linux with ip masquerading for the
clients.

¿how I can classify the packets in this classes?

thx 4 all ;) and sorry for my (bad) english :P


##### My script ######
#!/bin/bash
#QoS ;)
DEV=eth1
RATEUP\x100    #En KiloBytes

# borro las bandas
tc qdisc del dev $DEV root 2> /dev/null > /dev/null
tc qdisc del dev $DEV ingress 2> /dev/null > /dev/null
tc qdisc del dev $DEV root 2> /dev/null > /dev/null
iptables -F   #también las relgas iptables

#creacion del arbol de bandas
tc qdisc add dev $DEV root handle 2: htb default 60
tc class add dev $DEV parent 2: classid 2:1 htb rate 120kbps ceil
${RATEUP}kbps
tc class add dev $DEV parent 2:5 classid 2:50 htb rate
$[70*$RATEUP/100]kbps ceil ${RATEUP}kbps
tc class add dev $DEV parent 2:6 classid 2:60 htb rate
$[20*$RATEUP/100]kbps ceil ${RATEUP}kbps prio 1
tc class add dev $DEV parent 2:7 classid 2:70 htb rate
$[10*$RATEUP/100]kbps ceil ${RATEUP}kbps prio 2

#asociacion de colas sfq con bandas
tc qdisc add dev $DEV parent 2:50 handle 50: sfq
tc qdisc add dev $DEV parent 2:60 handle 60: sfq
tc qdisc add dev $DEV parent 2:70 handle 70: sfq

#se asocian marcas con bandas
tc filter add dev $DEV protocol ip parent 2: handle 5 fw classid 2:50
tc filter add dev $DEV protocol ip parent 2: handle 6 fw classid 2:60
tc filter add dev $DEV protocol ip parent 2: handle 7 fw classid 2:70

#reglas de filtrado

#tc filter add dev $DEV parent 2: protocol ip prio 0 u32 match ip dport
21 0xffff flowid 2:50   #envia algo
#tc filter add dev $DEV parent 2: protocol ip prio 0 u32 match ip dport
20 0xffff flowid 2:50   #envia algo



_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] problem whith htb script

[Stef Coene]

On Sunday 04 January 2004 12:30, saptah wrote:
> Hi all && happy new Year ;)
>
> I'm try to made a script for shaping my outgoing traffic, but it doesn't
> work fine.
> The script work good if all packets go thru the default class, but, if I
> try to send packets by other class, the packes doesn't go by this class
> go also by the default class.
>
> This script is installed in a router linux with ip masquerading for the
> clients.
>
> ¿how I can classify the packets in this classes?
>
> thx 4 all ;) and sorry for my (bad) english :P
No problem.
Are you trying to match ftp traffic?  Is so, you can have a problem because 
ftp can use dynamic ports.  So it's not easy to filter out ftp traffic.
You also use a combination of fw and u32 filter.  But for that fw filter, I 
don't see the needed iptables rules.

Stef

-- 
stef.coene@docum.org
 "Using Linux as bandwidth manager"
     http://www.docum.org/
     #lartc @ irc.openprojects.net

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] problem whith htb script

[andybr]

Hi all,

The ftp uses dynamic ports in source not in destiny so 
it is possible mark ftp traffic and shape.

[]´s
Anderson


> On Sunday 04 January 2004 12:30, saptah wrote:
> > Hi all && happy new Year ;)
> >
> > I'm try to made a script for shaping my outgoing traf
fic, but it doesn't
> > work fine.
> > The script work good if all packets go thru the defau
lt class, but, if I
> > try to send packets by other class, the packes doesn'
t go by this class
> > go also by the default class.
> >
> > This script is installed in a router linux with ip ma
squerading for the
> > clients.
> >
> > ¿how I can classify the packets in this classes?
> >
> > thx 4 all ;) and sorry for my (bad) english :P
> No problem.
> Are you trying to match ftp traffic?  Is so, you can ha
ve a problem because 
> ftp can use dynamic ports.  So it's not easy to filter 
out ftp traffic.
> You also use a combination of fw and u32 filter.  But f
or that fw filter, I 
> don't see the needed iptables rules.
> 
> Stef
> 
> -- 
> stef.coene@docum.org
>  "Using Linux as bandwidth manager"
>      http://www.docum.org/
>      #lartc @ irc.openprojects.net
> 
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: ht
tp://lartc.org/
> 

 
__________________________________________________________________________
Acabe com aquelas janelinhas que pulam na sua tela.
AntiPop-up UOL - É grátis!
http://antipopup.uol.com.br/


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] problem whith htb script

[Eric Leblond]

[-- Attachment #1: Type: text/plain, Size: 475 bytes --]

Le mar 06/01/2004 à 16:53, andybr a écrit :
> Hi all,
> 
> The ftp uses dynamic ports in source not in destiny so 
> it is possible mark ftp traffic and shape.

Use CONNMARK to mark packet it put the same MARK on all the packet of
the connection. So mark follow any non-linear protocol recognized by
Netfilter.
For more information on usage see :
	http://home.regit.org/connmark.html

BR,
-- 
Eric Leblond
NuFW, Now User Filtering Works (http://www.nufw.org)

[-- Attachment #2: Ceci est une partie de message numériquement signée. --]
[-- Type: application/pgp-signature, Size: 189 bytes --]