>Messsage du 10/08/2002 00:10 >De : Wayne de Nobrega <wdenobre@techconcepts.co.za> >A : <lartc@mailman.ds9a.nl> >Copie à : >Objet : Managing Inbound Traffic > > I have been playing around with traffic shaping using htb and imq but am > battling to get any control over the inbound traffic. Managing the > outgoing is working perfectly. To manage the inbound internet traffic > which is running on a 64kbit line, I have tried the following including > various permutations of priorities, bursts, and ceilings with no affect. > (Does the ceil option work becuase when I did have it set higher than > the rate, the traffic did not increase even with no other traffic on the > line. I noticed the same thing with the burst option. I cannot place > the shaper at the ISP in this case. > > modprobe imq numdevs=1 > > tc qdisc add dev imq0 handle 1: root htb default 1 > tc class add dev imq0 parent 1: classid 1:1 htb rate 64kbit > > tc qdisc add dev imq0 parent 1:1 handle 10: htb default 5 > tc class add dev imq0 parent 10: classid 10:1 htb rate 12kbit burst > 16kbit prio 3 > tc class add dev imq0 parent 10: classid 10:2 htb rate 28kbit burst > 16kbit prio 2 > tc class add dev imq0 parent 10: classid 10:3 htb rate 16kbit burst > 16kbit prio 1 > tc class add dev imq0 parent 10: classid 10:5 htb rate 8kbit prio 4 > > tc qdisc add dev imq0 parent 10:1 handle 21:0 sfq > tc qdisc add dev imq0 parent 10:2 handle 22:0 sfq > tc qdisc add dev imq0 parent 10:3 handle 23:0 sfq > tc qdisc add dev imq0 parent 10:5 handle 24:0 sfq > > tc filter add dev imq0 protocol ip pref 1 parent 10: handle 1 fw classid > 10:1 > tc filter add dev imq0 protocol ip pref 2 parent 10: handle 2 fw classid > 10:2 > tc filter add dev imq0 protocol ip pref 3 parent 10: handle 3 fw classid > 10:3 > > iptables -t mangle -A PREROUTING -i eth0 -j IMQ > iptables -t mangle -A PREROUTING -i eth0 -p tcp --sport 20 --dport 1024: > -m state --state ESTABLISHED -j MARK --set-mark 1 > iptables -t mangle -A PREROUTING -i eth0 -p tcp --sport 80 --dport 1024: > -m state --state ESTABLISHED -j MARK --set-mark 2 > iptables -t mangle -A PREROUTING -i eth0 -p tcp --sport 22 --dport 1024: > -m state --state ESTABLISHED -j MARK --set-mark 3 I wonder if this is true. Shouldn't one rather use iptables -t mangle -A PREROUTING -i eth0 -j IMQ at the end (after the other rules) ? Otherwise everyting from eth0 will go right to target IMQ and the other rules are never executed, i.e. the desired packets are never marked and all the filters are never true ... -- Thomas _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/