From: Nataniel Klug <nata@cnett.com.br>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] u32 and iptables do not work together
Date: Sat, 08 Apr 2006 11:21:40 +0000 [thread overview]
Message-ID: <44379CC4.9010309@cnett.com.br> (raw)
In-Reply-To: <4436AEB8.1070300@cnett.com.br>
Jody,
I think it worked fine... This is my new script (below the text). I just
dont know how can I know if this traffic is relly going to the class I
send it... hehehehe... I am marking Skype packages using L7-Filter like
this:
$IPT -t mangle -A PREROUTING -m layer7 --l7proto skypetoskype -j MARK
--set-mark 10
Att,
Nataniel Klug
--------------------------------
#!/bin/sh
#------
# Script de QoS Cyber Nett
#------
# Nataniel Klug
# suporte@cnett.com.br
#------
TC="/sbin/tc"
IPT="/usr/local/sbin/iptables"
DL="eth3"
#------
# Apagando regras antigas de QoS
#------
$TC qdisc del dev $DL root 2> /dev/null > /dev/null
$TC qdisc del dev $DL ingress 2> /dev/null > /dev/null
#------
# Regras para a placa eth1
#------
$TC qdisc add dev $DL root handle 1: htb default 50
CLASS="/sbin/tc class add dev $DL parent"
$CLASS 1: classid 1:1 htb rate 3072Kbit
$CLASS 1:1 classid 1:10 htb rate 384Kbit prio 1
$CLASS 1:1 classid 1:20 htb rate 1024Kbit ceil 2048Kbit prio 2
$CLASS 1:1 classid 1:30 htb rate 512Kbit ceil 512Kbit prio 3
$CLASS 1:1 classid 1:40 htb rate 512Kbit ceil 512Kbit prio 4
$CLASS 1:1 classid 1:50 htb rate 640Kbit ceil 640Kbit prio 5
QDISC="/sbin/tc qdisc add dev $DL parent"
$QDISC 1:10 handle 10: sfq perturb 10
$QDISC 1:20 handle 20: sfq perturb 10
$QDISC 1:30 handle 30: sfq perturb 10
$QDISC 1:40 handle 40: sfq perturb 10
$QDISC 1:50 handle 50: sfq perturb 10
FILTER="/sbin/tc filter add dev $DL parent 1:0 protocol"
$FILTER ip prio 11 u32 match ip protocol 1 0xff flowid 1:10
$FILTER ip prio 12 u32 match ip sport 22 0xffff flowid 1:10
$FILTER ip prio 12 u32 match ip sport 23 0xffff flowid 1:10
$FILTER ip prio 12 u32 match ip sport 2202 0xffff flowid 1:10
$FILTER ip prio 13 u32 match ip sport 6121 0xffff flowid 1:10
$FILTER ip prio 13 u32 match ip sport 5121 0xffff flowid 1:10
$FILTER ip prio 14 handle 10 fw classid 1:10
$FILTER ip prio 21 u32 match ip sport 80 0xffff flowid 1:20
$FILTER ip prio 21 u32 match ip sport 443 0xffff flowid 1:20
$FILTER ip prio 21 u32 match ip sport 3128 0xffff flowid 1:20
$FILTER ip prio 22 u32 match ip src 200.189.176.206/32 flowid 1:20
$FILTER ip prio 22 u32 match ip src 200.189.176.205/32 flowid 1:20
$FILTER ip prio 22 u32 match ip sport 5065 0xffff flowid 1:20
$FILTER ip prio 22 u32 match ip sport 5070 0xffff flowid 1:20
$FILTER ip prio 31 u32 match ip sport 53 0xffff flowid 1:30
$FILTER ip prio 32 u32 match ip sport 25 0xffff flowid 1:30
$FILTER ip prio 32 u32 match ip sport 110 0xffff flowid 1:30
$FILTER ip prio 41 u32 match ip sport 21 0xffff flowid 1:40
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
next prev parent reply other threads:[~2006-04-08 11:21 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-04-07 18:26 [LARTC] u32 and iptables do not work together Nataniel Klug
2006-04-07 18:45 ` Andreas Klauer
2006-04-07 19:09 ` Nataniel Klug
2006-04-07 19:54 ` Evgeni Gechev
2006-04-07 21:10 ` Jody Shumaker
2006-04-08 10:03 ` Piotr Chytla
2006-04-08 11:21 ` Nataniel Klug [this message]
2006-04-08 13:18 ` Piotr Chytla
2006-04-08 13:37 ` Andreas Klauer
2006-04-10 16:23 ` Nataniel Klug
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=44379CC4.9010309@cnett.com.br \
--to=nata@cnett.com.br \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.