From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter Surda Date: Sat, 14 Jan 2006 21:43:10 +0000 Subject: Re: [LARTC] Per user bandwidth limiting ..for small ISP.using Squid Message-Id: <43C9706E.9040005@shurdix.com> List-Id: References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org Andreas Klauer schrieb: >>However, there were some kind guys who designed the "tproxy" iptables >>extension, which can help you. >> (cut) >These are about the most interesting lines I've seen on this topic. >However, I'm in a small home network situation, so even having just >one dedicated linux machine is luxury. So any solution that requires >separate machines is not feasible for me. > > Unfortunately for design reasons, TPROXY and NAT won't work together and AFAIK there are no plans to change this. I didn't investigate deeply, but I assume TPROXY uses the fields reserved for NAT for other purposes. So if you need both NAT and TPROXY, you need 2 boxes (and some hacking with the routing or arptables or both ;-)). >Other possibilities are: >- Never touch a running system. (If it works, why not leave as is?) > > Actually this is a great idea. I admit I didn't read the original post completely and assumed that a new system is required for some reason. >- Find out how exactly rshaper limits and/or distributes > > Upon looking at the docs for rshaper, I don't think it distributes anything (only limits and has no borrowing). This can be done with HTB (and IMQ). Several years ago I wrote a bandwidth management system for a small ISP that actually worked somewhat like this (the ISP uses a web interface to set incoming/outgoing bandwith for individual customers, and optionally a monthly limit, and cron sets up the HTB rules automagically). I don't use it personally, Shurdix does fair distribution only, but I imagine there are people who might have other requirements. If there is enough interest (and I find the time) I can polish it and put it for download. >Regards, >Andreas Klauer > > Yours sincerely, Peter -- http://www.shurdix.org - Linux distribution for routers and firewalls _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc