* [LARTC] newbie needs policing help
@ 2007-07-20 20:45 Mike Wright
0 siblings, 0 replies; only message in thread
From: Mike Wright @ 2007-07-20 20:45 UTC (permalink / raw)
To: lartc
Hi listizens,
Complete tc newbie here. I'm in a pinch because of a mail assault on a
server. I've firewalled away many of the most egregious offenders but
non-smtp services are still being DOS'ed because of all the mail traffic.
Here is what I've tried. (I did say newbie ;)
-----------------
#!/bin/sh
#
# policing parent
tc qdisc add dev eth0 handle ffff: ingress
#
# filter should slow tcp smtpd traffic to 64k max
tc filter add dev eth0 parent ffff: protocol ip prio 50 \
u32 match ip dport 0x25 0xFFFF match ip protocol 0x06 0xff \
police rate 55kbit burst 9k drop flowid :1
-----------------
...but I haven't the slightest idea how to check up on it. e.g. with
iproute2 I could say "ip route list" to see what was in there, but how
can I check tc rules? "tc qdisk show" gives some cryptic output but "tc
filter show dev eth0" returns nothing.
(I'm not even sure if the above rules make any sense :( )
Any helpers out there?
TIA,
Mike Wright :m)
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2007-07-20 20:45 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-07-20 20:45 [LARTC] newbie needs policing help Mike Wright
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.