* [LARTC] shaping ftp traffic
@ 2004-08-08 19:29 nix4me
2004-08-08 21:04 ` nix4me
0 siblings, 1 reply; 2+ messages in thread
From: nix4me @ 2004-08-08 19:29 UTC (permalink / raw)
To: lartc
I am trying to mark outbound passive ftp traffic with iptables and shape
it to 35KBytes. I am using the following script on the computer that
runs the ftp server.
It is not working correctly, it seems to limit ALL traffic. Cant file
share or anything.
Anyone might know what is wrong? It seems that I might need to add a
'lan limit' so all traffic that is not marked still runs at 100mbit. I
cant quite decipher the docs to do this.
#!/bin/bash
#shaping passive ftp traffic
# mark the outbound passive ftp packets on ports 50000-51000
iptables -t mangle -D POSTROUTING -o eth0 -j MYSHAPER-OUT 2> /dev/null >
/dev/null
iptables -t mangle -F MYSHAPER-OUT 2> /dev/null > /dev/null
iptables -t mangle -X MYSHAPER-OUT 2> /dev/null > /dev/null
iptables -t mangle -N MYSHAPER-OUT
iptables -t mangle -I POSTROUTING -o eth0 -j MYSHAPER-OUT
iptables -t mangle -A MYSHAPER-OUT -p tcp --dport 50000:51000 -j MARK
--set-mark 1
# shape the traffic to 35Kbytes
tc qdisc del dev eth0 root
tc qdisc add dev eth0 root handle 1: htb
tc class add dev eth0 parent 1: classid 1:1 htb rate 35kbps
tc filter add dev eth0 parent 1: prio 0 protocol ip handle 1 fw flowid 1:1
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 2+ messages in thread
* [LARTC] shaping ftp traffic
2004-08-08 19:29 [LARTC] shaping ftp traffic nix4me
@ 2004-08-08 21:04 ` nix4me
0 siblings, 0 replies; 2+ messages in thread
From: nix4me @ 2004-08-08 21:04 UTC (permalink / raw)
To: lartc
I added a default class. It is no longer limiting the entire
connection, but it is also not limiting ftp traffic for some reason.
Any ideas?
#!/bin/bash
#shaping passive ftp traffic
# mark the outbound passive ftp packets on ports 50000-51000
iptables -t mangle -D POSTROUTING -o eth0 -j MYSHAPER-OUT 2> /dev/null >
/dev/null
iptables -t mangle -F MYSHAPER-OUT 2> /dev/null > /dev/null
iptables -t mangle -X MYSHAPER-OUT 2> /dev/null > /dev/null
iptables -t mangle -N MYSHAPER-OUT
iptables -t mangle -I POSTROUTING -o eth0 -j MYSHAPER-OUT
iptables -t mangle -A MYSHAPER-OUT -p tcp --dport 50000:51000 -j MARK
--set-mark 20
# clear it
tc qdisc del dev eth0 root
#add the root qdisk
tc qdisc add dev eth0 root handle 1: htb default 26
#add main rate limit class
tc class add dev eth0 parent 1: classid 1:1 htb rate 100mbps
#add leaf classes
tc class add dev eth0 parent 1:1 classid 1:26 htb rate 100mbps
tc class add dev eth0 parent 1:1 classid 1:20 htb rate 38kbps
#filter traffic into classes
tc filter add dev eth0 parent 1:0 prio 0 protocol ip handle 20 fw
flowid 1:20
tc filter add dev eth0 parent 1:0 prio 0 protocol ip handle 26 fw
flowid 1:26
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2004-08-08 21:04 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-08-08 19:29 [LARTC] shaping ftp traffic nix4me
2004-08-08 21:04 ` nix4me
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.