* [LARTC] Port limiting on forward
@ 2003-11-04 19:54 MCraciun
2003-11-04 21:01 ` MCraciun
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: MCraciun @ 2003-11-04 19:54 UTC (permalink / raw)
To: lartc
[-- Attachment #1: Type: Text/Plain, Size: 345 bytes --]
I heard that matching ports with mangle and shape with CBQ or HTB will cost
me some resources so i want to limit that way :
1. On forward I want to limit a port range like 0 to 79 at 8kbps .And after that i want to be able to add lines with other port range , also at 8kbps, but only on forward .Today i had just started to use BBQ and HTB
[-- Attachment #2: Type: Text/HTML, Size: 1371 bytes --]
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="IncrediMail 1.0" name=GENERATOR>
<!--IncrdiXMLRemarkStart>
<IncrdiX-Info>
<X-FID>FLAVOR00-NONE-0000-0000-000000000000</X-FID>
<X-FVER>4.0</X-FVER>
<X-CNT>;</X-CNT>
</IncrdiX-Info>
<IncrdiXMLRemarkEnd-->
</HEAD>
<BODY style="BACKGROUND-POSITION: 0px 0px; FONT-SIZE: 12pt; MARGIN: 5px 10px 10px; FONT-FAMILY: Arial" bgColor=#ffffff background="" scroll=yes ORGYPOS="0">
<TABLE id=INCREDIMAINTABLE cellSpacing=0 cellPadding=2 width="100%" border=0>
<TBODY>
<TR>
<TD id=INCREDITEXTREGION style="FONT-SIZE: 12pt; CURSOR: auto; FONT-FAMILY: Arial" width="100%">
<DIV>I heard that matching ports with mangle and shape with CBQ or HTB will cost me some resources so i want to limit that way :</DIV>
<DIV> </DIV>
<DIV>1. On forward I want to limit a port range like 0 to 79 at 8kbps .And after that i want to be able to add lines with other port range , also at 8kbps, but only on forward .Today i had just started to use BBQ and HTB</DIV></TD></TR>
<TR>
<TD id=INCREDIFOOTER width="100%">
<TABLE cellSpacing=0 cellPadding=0 width="100%">
<TBODY>
<TR>
<TD width="100%"></TD>
<TD id=INCREDISOUND vAlign=bottom align=middle></TD>
<TD id=INCREDIANIM vAlign=bottom align=middle></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE></BODY></HTML>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [LARTC] Port limiting on forward
2003-11-04 19:54 [LARTC] Port limiting on forward MCraciun
@ 2003-11-04 21:01 ` MCraciun
2004-01-04 20:44 ` Roy
2004-01-04 22:06 ` Roy
2 siblings, 0 replies; 4+ messages in thread
From: MCraciun @ 2003-11-04 21:01 UTC (permalink / raw)
To: lartc
[-- Attachment #1: Type: Text/Plain, Size: 475 bytes --]
I have 40 Users on P2 200 MMX 32 RAM .
So i know how to match packets .
iptables -t mangle -N MYSHAPER-OUT
iptables -t mangle -I POSTROUTING -o $DEV -j MYSHAPER-OUT
iptables -t mangle -A MYSHAPER-OUT -s! 192.168.0.5 -p tcp --dport 0:1024 -j
MARK --set-mark 23
iptables -t mangle -A MYSHAPER-OUT -p tcp --dport 6660:65000 -j MARK
--set-mark 24
How do i shape mark 23 at 1 KB/s and mark 24 at 1 MB/s ?
[-- Attachment #2: Type: Text/HTML, Size: 1891 bytes --]
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="IncrediMail 1.0" name=GENERATOR>
<!--IncrdiXMLRemarkStart>
<IncrdiX-Info>
<X-FID>FLAVOR00-NONE-0000-0000-000000000000</X-FID>
<X-FVER>4.0</X-FVER>
<X-CNT>;</X-CNT>
</IncrdiX-Info>
<IncrdiXMLRemarkEnd-->
</HEAD>
<BODY style="BACKGROUND-POSITION: 0px 0px; FONT-SIZE: 12pt; MARGIN: 5px 10px 10px; FONT-FAMILY: Arial" bgColor=#ffffff background="" scroll=yes ORGYPOS="0">
<TABLE id=INCREDIMAINTABLE cellSpacing=0 cellPadding=2 width="100%" border=0>
<TBODY>
<TR>
<TD id=INCREDITEXTREGION style="FONT-SIZE: 12pt; CURSOR: auto; FONT-FAMILY: Arial" width="100%">
<DIV>I have 40 Users on P2 200 MMX 32 RAM .</DIV>
<DIV>So i know how to match packets .</DIV>
<DIV>iptables -t mangle -N MYSHAPER-OUT</DIV>
<DIV>iptables -t mangle -I POSTROUTING -o $DEV -j MYSHAPER-OUT</DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV>iptables -t mangle -A MYSHAPER-OUT -s! 192.168.0.5 -p tcp --dport 0:1024 -j MARK --set-mark 23</DIV>
<DIV> </DIV>
<DIV>
<DIV>iptables -t mangle -A MYSHAPER-OUT -p tcp --dport 6660:65000 -j MARK --set-mark 24</DIV>
<DIV> </DIV>
<DIV>How do i shape mark 23 at 1 KB/s and mark 24 at 1 MB/s ?</DIV>
<DIV> </DIV>
<DIV> </DIV></DIV>
<DIV> </DIV>
<DIV> </DIV></TD></TR>
<TR>
<TD id=INCREDIFOOTER width="100%">
<TABLE cellSpacing=0 cellPadding=0 width="100%">
<TBODY>
<TR>
<TD width="100%"></TD>
<TD id=INCREDISOUND vAlign=bottom align=middle></TD>
<TD id=INCREDIANIM vAlign=bottom align=middle></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE></BODY></HTML>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [LARTC] Port limiting on forward
2003-11-04 19:54 [LARTC] Port limiting on forward MCraciun
2003-11-04 21:01 ` MCraciun
@ 2004-01-04 20:44 ` Roy
2004-01-04 22:06 ` Roy
2 siblings, 0 replies; 4+ messages in thread
From: Roy @ 2004-01-04 20:44 UTC (permalink / raw)
To: lartc
I heard that matching ports with mangle and shape with CBQ or HTB will cost
me some resources so i want to limit that way :
1. On forward I want to limit a port range like 0 to 79 at 8kbps .And after
that i want to be able to add lines with other port range , also at 8kbps,
but only on forward .Today i had just started to use BBQ and HTB
are you so low on resources? or yo want to manage 10000 users?
the simple way to do everything that is to mark packets with iptables there
is no other way to match port range.
also you can know if pcket is forwarded of not by marking it with iptables
or by source ip.
And how do you use cbq and htb at once?
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [LARTC] Port limiting on forward
2003-11-04 19:54 [LARTC] Port limiting on forward MCraciun
2003-11-04 21:01 ` MCraciun
2004-01-04 20:44 ` Roy
@ 2004-01-04 22:06 ` Roy
2 siblings, 0 replies; 4+ messages in thread
From: Roy @ 2004-01-04 22:06 UTC (permalink / raw)
To: lartc
So what is the problem?
create root class
/qos/bin/tc qdisc del dev eth0 root
/qos/bin/tc qdisc add dev eth0 root handle 2
and add these
# mark 23
/qos/bin/tc class add dev eth0 parent 2: classid 2:41 htb rate 8Kbit ceil
8Kbit
/qos/bin/tc qdisc add dev eth0 parent 2:41 sfq
/qos/bin/tc filter add dev eth0 parent 2: protocol ip pref 4 handle 23 fw
classid 2:41
# mark 24
/qos/bin/tc class add dev eth0 parent 2: classid 2:42 htb rate 1000Kbit ceil
1000Kbit
/qos/bin/tc qdisc add dev eth0 parent 2:42 sfq
/qos/bin/tc filter add dev eth0 parent 2: protocol ip pref 4 handle 24 fw
classid 2:42
-----------------------------------------------------
I have 40 Users on P2 200 MMX 32 RAM .
So i know how to match packets .
iptables -t mangle -N MYSHAPER-OUT
iptables -t mangle -I POSTROUTING -o $DEV -j MYSHAPER-OUT
iptables -t mangle -A MYSHAPER-OUT -s! 192.168.0.5 -p tcp --dport 0:1024 -j
MARK --set-mark 23
iptables -t mangle -A MYSHAPER-OUT -p tcp --dport 6660:65000 -j
MARK --set-mark 24
How do i shape mark 23 at 1 KB/s and mark 24 at 1 MB/s ?
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2004-01-04 22:06 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2003-11-04 19:54 [LARTC] Port limiting on forward MCraciun
2003-11-04 21:01 ` MCraciun
2004-01-04 20:44 ` Roy
2004-01-04 22:06 ` Roy
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.