From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Gabor Csuri" <csucsu@dunasor.hu>
Date: Sat, 07 Dec 2002 13:44:26 +0000
Subject: [LARTC] Why my script doesn't work ???
Message-Id: <marc-lartc-103926856707555@msgid-missing>
List-Id: <lartc.vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

Hi All,

 I'm using iptables-1.2.7a on RedHat8 kernel 2.4.20.
I wanted to limit the file-sharing traffic to the internet.
I marked the packets with iptables:

iptables -A FORWARD -t mangle -p tcp -s 192.168.1.1/24 -d !
192.168.1.1/24 --dport 1024:1862 -j MARK --set-mark 1

iptables -A FORWARD -t mangle -p tcp -s 192.168.1.1/24 -d !
192.168.1.1/24 --dport 1864:65535 -j MARK --set-mark 1

and I put some new lines to wondershaper 1.1a (before "#start filters"
label) :

tc class add dev $DEV parent 1:1 classid 1:40 cbq rate $[$UPLINK/10]kbit \
   allot 1600 prio 2 avpkt 1000
tc qdisc add dev $DEV parent 1:40 handle 40: sfq perturb 10
tc filter add dev $DEV parent 1:0 protocol ip handle 1 fw flowid 1:40

#start filters
...

I realized there is a 80Kbit/s traffic to a site (port 2334) from inside.
My $UPLINK is 80.
How can be this?

Thanks, Gabor

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/