From mboxrd@z Thu Jan  1 00:00:00 1970
From: Teresa e Junior <teresaejunior@gmail.com>
Date: Mon, 15 Sep 2014 05:09:00 +0000
Subject: Re: Can't get tc to limit network traffic
Message-Id: <5416746C.500@gmail.com>
List-Id: <lartc.vger.kernel.org>
References: <541642D6.4040104@gmail.com>
In-Reply-To: <541642D6.4040104@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

On Mon, 15 Sep 2014 00:18:43 -0400, Mike Schmidt wrote:
> Basically, you cannot control inbound traffic with tc, except through
> policing, which is what the wondershaper rule does. Policing does not
> shape traffic, it simply drops the excess, which is why it is so
> unreliable.  That is why the throttling works when only you set the
> src to 192.168.0.5. The solution is to use an intermediate device,
> like ifb, or imq, depending on the distribution you are running.  A
> typical example is here:
> http://www.linuxfoundation.org/collaborate/workgroups/networking/ifb

Thank you so much for your answer, Mike!

I had a look at the link you gave to me, and after wrestling against
some errors, I came up with this:

#!/bin/sh

tc qdisc del dev ifb0  root
tc qdisc del dev wlan0 ingress

modprobe ifb

tc qdisc  add dev ifb0 root handle 1: prio
tc qdisc  add dev ifb0 parent 1:1 handle 10: sfq
tc qdisc  add dev ifb0 parent 1:2 handle 20: tbf rate 20kbit \
   buffer 1600 limit 3000
tc qdisc  add dev ifb0 parent 1:3 handle 30: sfq
tc filter add dev ifb0 protocol ip pref 1 parent 1: handle 1 fw classid 1:1
tc filter add dev ifb0 protocol ip pref 2 parent 1: handle 2 fw classid 1:2

ifconfig ifb0 up

tc qdisc  add dev wlan0 ingress
tc filter add dev wlan0 parent ffff: protocol ip prio 10 u32 \
   match u32 0 0 flowid 1:1       \
   action xt -j MARK --set-mark 1 \
   action mirred egress redirect dev ifb0

I'm using xt instead of ipt because ipt gives me the error "bad action
type ipt" and, as mentioned in Debian bug #710450, ipt is just a symlink
to xt:
$ readlink /usr/lib/tc/m_ipt.so
m_xt.so

The problem with this approach is that it doesn't work, actually, but
probably because I'm doing something wrong. I suppose download and
upload would have to be limited to 20kbit, right? When I run the above
script, the speeds are not limited at all. I get only:

tablename: mangle hook: NF_IP_PRE_ROUTING
  	target:  MARK set 0x1 index 0