Re: [LARTC] shareaza

[Georgi Alexandrov <georgi.alexandrov@gmail.com>]

ncrfgs wrote:

>Hi,
>
>A, B and C are three machines. A and C directly access to
>theInternet while B access to the Internet through A.
>
> +-------------------------------------------------------------+
> | +-------------+                             +-------------+ |
> | |      A      |                             |      B      | |
> | |             | --- eth0 ---> <--- eth0 --- |             | |
> | | 192.168.0.1 |                             | 192.168.0.2 | |
> | +-------------+                             +-------------+ |
> +-------------------------------------------------------------+
>          |
>         ppp0
>          |
>          v
>       Internet
>          ^
>          |
>        +---+
>        | C |
>        +---+
>
>A runs GNU/Linux and is configured to MASQUERADE B and in
>such a way that packets incoming on ppp0 are DROP'd unless
>their state is either ESTABLISHED or RELATED or unless
>their destination is port 6346 (both tcp and udp), in which
>case they are redirected to B.
>
>B runs Shareaza, a P2P that is able to access several kind
>of networks such as edonkey, gnutella and gnutella2 and it
>should only use port 6346.
>
>
>I'd like to shape outgoing traffic, that is, I'd like to
>limit the bandwidth B uses to upload files over the
>Internet.
>
>I'm sharing the connection with other individuals and I
>don't have much control over B... I only have very little
>informations about it, sorry, and most of them comes from
>tcpdump.
>
>
>If B uploads a file to C through gnutella everything works
>like a charm since packets look just like this:
>
> 192.168.0.2:6346 > xxx.xxx.xxx.xxx:yyyyy
>
>With tc I filter packets whose source port is 6346 and
>everything is fine.
>
>
>Problems come when B uploads a file to C through edonkey.
>Packets don't always look like the former ones. Sometimes
>the source port is 6346 in this case as well, but more
>often they look like this:
>
> 192.168.0.2:zzzzz > xxx.xxx.xxx.xxx:4662
>
>Port 4662 is the most common one but it isn't always the
>same.
>
>
>How can I work around it?
>
>
>
>Thanks in advance.
>
>Best regards.
>  
>
You can classify the traffic from B going out trough ppp0 with 
netfilter/iptables like this:
iptables -t mangle -A POSTROUTING -o ppp0 -s 192.168.0.2 -j CLASSIFY 
--set-class 0001:0010

And then shape it:

tc qdisc del dev ppp0 root
tc qdisc add dev ppp0 root handle 1: htb
tc class add dev ppp0 parent 1: classid 1:1 htb rate 128kbit
tc class add dev ppp0 parent 1:1 classid 1:10 htb rate 128kbit
tc qdisc add dev ppp0 parent 1:10 handle 10: sfq perturb 10

that's for 128kbits/sec upload from 192.168.0.2.
I've attached a sfq to the htb class for "smoothness".


regards,
Georgi Alexandrov
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc