On Saturday 07 December 2002 14:44, Gabor Csuri wrote:
> Hi All,
>
> I'm using iptables-1.2.7a on RedHat8 kernel 2.4.20.
> I wanted to limit the file-sharing traffic to the internet.
> I marked the packets with iptables:
>
> iptables -A FORWARD -t mangle -p tcp -s 192.168.1.1/24 -d ! 192.168.1.1/24 --dport 1024:1862 -j MARK --set-mark 1
>
> iptables -A FORWARD -t mangle -p tcp -s 192.168.1.1/24 -d ! 192.168.1.1/24 --dport 1864:65535 -j MARK --set-mark 1
>
> and I put some new lines to wondershaper 1.1a (before "#start filters"
> label):
>
> tc class add dev $DEV parent 1:1 classid 1:40 cbq rate $[$UPLINK/10]kbit \
>    allot 1600 prio 2 avpkt 1000
> tc qdisc add dev $DEV parent 1:40 handle 40: sfq perturb 10
> tc filter add dev $DEV parent 1:0 protocol ip handle 1 fw flowid 1:40
>
> #start filters
> ...
>
> I realized there is a 80Kbit/s traffic to a site (port 2334) from inside.
> My $UPLINK is 80.
> How can this be?

Can you check the counters of iptables so you are sure you are marking the packets?
And the same for tc: tc -s -d class show dev eth0

Stef

--
stef.coene@docum.org
"Using Linux as bandwidth manager"
http://www.docum.org/
#lartc @ irc.oftc.net
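
The counter check suggested in the reply, as an added example that is not part of the original thread: it reads the MARK rule counters and the class 1:40 counters and reports which stage sees no packets. The sample outputs are constructed and the helper names (`marked_pkts`, `class_pkts`, `diagnose`) are hypothetical; on a live router, feed them `iptables -t mangle -L FORWARD -v -n -x` and `tc -s -d class show dev eth0` instead.

```shell
#!/bin/sh
# Constructed sample of `iptables -t mangle -L FORWARD -v -n -x` (not real output).
sample_iptables() {
cat <<'EOF'
Chain FORWARD (policy ACCEPT 91240 packets, 61822113 bytes)
    pkts      bytes target     prot opt in     out     source               destination
       0        0 MARK       tcp  --  *      *       192.168.1.0/24      !192.168.1.0/24      tcp dpts:1024:1862 MARK set 0x1
       0        0 MARK       tcp  --  *      *       192.168.1.0/24      !192.168.1.0/24      tcp dpts:1864:65535 MARK set 0x1
EOF
}

# Constructed sample of `tc -s -d class show dev eth0` (not real output).
sample_tc() {
cat <<'EOF'
class cbq 1:1 parent 1: rate 80000bit prio no-transmit
 Sent 61822113 bytes 91240 pkts (dropped 0, overlimits 0)
class cbq 1:40 parent 1:1 leaf 40: rate 8000bit prio 2
 Sent 0 bytes 0 pkts (dropped 0, overlimits 0)
EOF
}

# Sum the packet counters (first column) of every MARK rule read from stdin.
marked_pkts() { awk '$3 == "MARK" { n += $1 } END { print n + 0 }'; }

# Packets sent through one class (for example 1:40), read from stdin.
class_pkts() {
  awk -v id="$1" '$1 == "class" { cur = $3 }
    $1 == "Sent" && cur == id { print $4; found = 1 }
    END { if (!found) print 0 }'
}

# $1 = packets that hit the MARK rules, $2 = packets seen by the shaped class.
diagnose() {
  if [ "$1" -eq 0 ]; then echo "mark-rules-not-matching"
  elif [ "$2" -eq 0 ]; then echo "marked-but-not-classified"
  else echo "ok"; fi
}

diagnose "$(sample_iptables | marked_pkts)" "$(sample_tc | class_pkts 1:40)"
```

A result of `mark-rules-not-matching` points at the iptables rules; `marked-but-not-classified` points at the `fw` filter or the device the class is attached to.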