From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Juan Pablo Feria" Date: Tue, 27 Mar 2001 19:11:25 +0000 Subject: [LARTC] Limiting interface/ips traffic via qos Message-Id: List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable To: lartc@vger.kernel.org Hi, i want to build a firewall which restricts the traffic on ETH1 to 64Kb., i tried to use traffic shaper but if i try to apply the iptables rules to the shaper0 device there are no communication between interfaces =3D(, so im trying to make it via QOS and use the BOUNDES statement to restrict the maximum traffic, here are my script: # Attaching the Qdisc to the eth0 device. The maximum available bandwidth is 10Mbit. tc qdisc add dev eth0 root handle 1: cbq bandwidth 10Mbit cell 8 avpkt 1000 mpu 64 # Adding the root class to the queuing discipline. The root has 10 Mbit completely. tc class add dev eth0 parent 1:0 classid 1:1 cbq bandwidth 10Mbit rate 10Mbit allot 1514 cell 8 weight 1Mbit prio 8 maxburst 20 avpkt 1000 # Traffic to testbed11. The priority is 3 and the allocation is 64 Kbit. tc class add dev eth0 parent 1:1 classid 1:2 cbq bandwidth 10Mbit rate 64Kbit allot 1514 cell 8 weight 100Kbit prio 3 maxburst 20 avpkt 1000 split 1:0 bounded # Traffic to testbed13. The priority is 7 and the allocation is 10176 Kbit. tc class add dev eth0 parent 1:1 classid 1:3 cbq bandwidth 10Mbit rate 10176Kbit allot 1514 cell 8 weight 800Kbit prio 7 maxburst 20 avpkt 1000 split 1:0 bounded # Installing the route classifier on the root of the tree. tc filter add dev eth0 parent 1:0 protocol ip prio 100 route # Assigning the route and the rules for testbed11 ip route add 192.168.0.11 via 192.168.0.1 flow 1:2 NOTE: on this command i get: root@Ner0N:/home/user#ip route add 192.168.0.11 via 192.168.0.1 flow 1:2 Error: either "to" is duplicate, or "flow" is a garbage QUESTION 1 Is possible restrict to 64 K a link using a Queuing discipline? Thanks in advance <---- Begin Signature Ing. Juan Pablo Feria Gomez Responsable T=E9cnico TERRA NETWORKS SONORA Voz : (62)594750 ext. 293 E-Mail: jferiago@no2spam.infosel.net.mx ICQ# : 2149711 =D5=BF=D5=AC "I believe in miracles, I believe in a better world for me an= d you" ~ _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Rout= ing/