From mboxrd@z Thu Jan 1 00:00:00 1970 From: Georgi Alexandrov Date: Sun, 11 Dec 2005 15:30:55 +0000 Subject: Re: [LARTC] shareaza Message-Id: <439C462F.6050308@gmail.com> List-Id: References: <20051211144541.GA4079@ncrfgs3.ncrfgs> In-Reply-To: <20051211144541.GA4079@ncrfgs3.ncrfgs> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org ncrfgs wrote: >Hi, > >A, B and C are three machines. A and C directly access to >theInternet while B access to the Internet through A. > > +-------------------------------------------------------------+ > | +-------------+ +-------------+ | > | | A | | B | | > | | | --- eth0 ---> <--- eth0 --- | | | > | | 192.168.0.1 | | 192.168.0.2 | | > | +-------------+ +-------------+ | > +-------------------------------------------------------------+ > | > ppp0 > | > v > Internet > ^ > | > +---+ > | C | > +---+ > >A runs GNU/Linux and is configured to MASQUERADE B and in >such a way that packets incoming on ppp0 are DROP'd unless >their state is either ESTABLISHED or RELATED or unless >their destination is port 6346 (both tcp and udp), in which >case they are redirected to B. > >B runs Shareaza, a P2P that is able to access several kind >of networks such as edonkey, gnutella and gnutella2 and it >should only use port 6346. > > >I'd like to shape outgoing traffic, that is, I'd like to >limit the bandwidth B uses to upload files over the >Internet. > >I'm sharing the connection with other individuals and I >don't have much control over B... I only have very little >informations about it, sorry, and most of them comes from >tcpdump. > > >If B uploads a file to C through gnutella everything works >like a charm since packets look just like this: > > 192.168.0.2:6346 > xxx.xxx.xxx.xxx:yyyyy > >With tc I filter packets whose source port is 6346 and >everything is fine. > > >Problems come when B uploads a file to C through edonkey. >Packets don't always look like the former ones. Sometimes >the source port is 6346 in this case as well, but more >often they look like this: > > 192.168.0.2:zzzzz > xxx.xxx.xxx.xxx:4662 > >Port 4662 is the most common one but it isn't always the >same. > > >How can I work around it? > > > >Thanks in advance. > >Best regards. > > You can classify the traffic from B going out trough ppp0 with netfilter/iptables like this: iptables -t mangle -A POSTROUTING -o ppp0 -s 192.168.0.2 -j CLASSIFY --set-class 0001:0010 And then shape it: tc qdisc del dev ppp0 root tc qdisc add dev ppp0 root handle 1: htb tc class add dev ppp0 parent 1: classid 1:1 htb rate 128kbit tc class add dev ppp0 parent 1:1 classid 1:10 htb rate 128kbit tc qdisc add dev ppp0 parent 1:10 handle 10: sfq perturb 10 that's for 128kbits/sec upload from 192.168.0.2. I've attached a sfq to the htb class for "smoothness". regards, Georgi Alexandrov _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc