[LARTC] limiting to a port

[LARTC] limiting to a port

[mdew]

[-- Attachment #1: Type: text/plain, Size: 276 bytes --]


one user is utilising to much :80 traffic, how would i limit traffic?

Our current bandwidth is 256Kb, i would like to shape the user down
64Kb.


-- 
ph33r!
Linux mdew 2.4.18-xfs #2 Fri Apr 26 15:09:11 NZST 2002 i686 unknown
GPG Key: http://mdew.orcon.net.nz/gpg

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: [LARTC] limiting to a port

[Stef Coene]

On Wednesday 12 June 2002 05:05, mdew wrote:
> one user is utilising to much :80 traffic, how would i limit traffic?
>
> Our current bandwidth is 256Kb, i would like to shape the user down
> 64Kb.
You have to attach a htb or cbq qdisc.  Create a class with limited bandiwdth 
and redirect all traffic to port 80 to that class with a filter.

See the lartc howto and/or www.docum.org for more info.

Stef

-- 

stef.coene@docum.org
 "Using Linux as bandwidth manager"
     http://www.docum.org/
     #lartc @ irc.openprojects.net
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] limiting to a port

[mdew]

[-- Attachment #1: Type: text/plain, Size: 721 bytes --]

On Wed, 2002-06-12 at 21:07, Stef Coene wrote:
> On Wednesday 12 June 2002 05:05, mdew wrote:
> > one user is utilising to much :80 traffic, how would i limit traffic?
> >
> > Our current bandwidth is 256Kb, i would like to shape the user down
> > 64Kb.
> You have to attach a htb or cbq qdisc.  Create a class with limited bandiwdth 
> and redirect all traffic to port 80 to that class with a filter.
> 
> See the lartc howto and/or www.docum.org for more info.

is it possible to get an example of this? Ive read the adv routing howto
and found it terribly confusing. :( 

thanks.

-- 
ph33r!
Linux mdew 2.4.18-xfs #2 Fri Apr 26 15:09:11 NZST 2002 i686 unknown
GPG Key: http://mdew.orcon.net.nz/gpg

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: [LARTC] limiting to a port

[mdew]

[-- Attachment #1: Type: text/plain, Size: 1505 bytes --]

On Wed, 2002-06-12 at 21:07, Stef Coene wrote:
> On Wednesday 12 June 2002 05:05, mdew wrote:
> > one user is utilising to much :80 traffic, how would i limit traffic?
> >
> > Our current bandwidth is 256Kb, i would like to shape the user down
> > 64Kb.
> You have to attach a htb or cbq qdisc.  Create a class with limited bandiwdth 
> and redirect all traffic to port 80 to that class with a filter.
> 
> See the lartc howto and/or www.docum.org for more info.

from an example off the website, ive change a couple of values... what
do i need to start limiting to *only* port 80

#!/bin/sh
RATE_TOT=256kbps
RATE1=128kbps

IP=210.54.175.12

DEV="dev eth0"
OPTION="allot 1514 maxburst 20 avpkt 1000"

tc qdisc del $DEV root
tc qdisc add $DEV root handle 10: cbq bandwidth 10mbit avpkt 1000
tc class add $DEV parent 10:0 classid 10:1 cbq bandwidth 10mbit rate
$RATE_TOT $OPTION prio 3 isolated
tc class add $DEV parent 10:1 classid 10:10 cbq bandwidth 10mbit rate
$RATE1 $OPTION prio 3 bounded

tc filter add $DEV parent 10:  protocol ip prio 3 handle 1 fw classid
10:1
tc filter add $DEV parent 10:1 protocol ip prio 3 handle 1 fw classid
10:10

iptables -F
iptables -X
iptables -N acc_0
iptables -N acc_1
iptables -A OUTPUT -t mangle -p tcp --dport 2000 -d $IP -j MARK
--set-mark 1
iptables -A OUTPUT -p tcp --dport 2000 -d $IP -j acc_0


-- 
ph33r!
Linux mdew 2.4.18-xfs #2 Fri Apr 26 15:09:11 NZST 2002 i686 unknown
GPG Key: http://mdew.orcon.net.nz/gpg

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: [LARTC] limiting to a port

[Stef Coene]

On Thursday 13 June 2002 07:06, mdew wrote:
> On Wed, 2002-06-12 at 21:07, Stef Coene wrote:
> > On Wednesday 12 June 2002 05:05, mdew wrote:
> > > one user is utilising to much :80 traffic, how would i limit traffic?
> > >
> > > Our current bandwidth is 256Kb, i would like to shape the user down
> > > 64Kb.
> >
> > You have to attach a htb or cbq qdisc.  Create a class with limited
> > bandiwdth and redirect all traffic to port 80 to that class with a
> > filter.
> >
> > See the lartc howto and/or www.docum.org for more info.
>
> from an example off the website, ive change a couple of values... what
> do i need to start limiting to *only* port 80
-dport is the destination port.  So change it to -dport 80.  This will mark 
all packets to port 80 with mark 1.  But the setup is more complicated.  You 
also need to mark the packets not to port 80 and put it in the other chain.

> #!/bin/sh
> RATE_TOT=256kbps
> RATE1=128kbps
>
> IP=210.54.175.12
>
> DEV="dev eth0"
> OPTION="allot 1514 maxburst 20 avpkt 1000"
>
> tc qdisc del $DEV root
> tc qdisc add $DEV root handle 10: cbq bandwidth 10mbit avpkt 1000
> tc class add $DEV parent 10:0 classid 10:1 cbq bandwidth 10mbit rate
> $RATE_TOT $OPTION prio 3 isolated
> tc class add $DEV parent 10:1 classid 10:10 cbq bandwidth 10mbit rate
> $RATE1 $OPTION prio 3 bounded
>
> tc filter add $DEV parent 10:  protocol ip prio 3 handle 1 fw classid
> 10:1
> tc filter add $DEV parent 10:1 protocol ip prio 3 handle 1 fw classid
> 10:10
>
> iptables -F
> iptables -X
> iptables -N acc_0
> iptables -N acc_1
> iptables -A OUTPUT -t mangle -p tcp --dport 2000 -d $IP -j MARK
> --set-mark 1
> iptables -A OUTPUT -p tcp --dport 2000 -d $IP -j acc_0
Stef

-- 

stef.coene@docum.org
 "Using Linux as bandwidth manager"
     http://www.docum.org/
     #lartc @ irc.openprojects.net
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/