Hi, here is my outputs coming: [root@basement sysconfig]# iptables -t mangle -nvL Chain PREROUTING (policy ACCEPT 2082K packets, 1828M bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 30207 packets, 3707K bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 2043K packets, 1812M bytes) pkts bytes target prot opt in out source destination 88476 60M MARK tcp -- * * 192.168.1.0/24 !192.168.1.0/24 tcp dpts:1024:1862 MARK set 0x1 53899 13M MARK tcp -- * * 192.168.1.0/24 !192.168.1.0/24 tcp dpts:1864:65535 MARK set 0x1 Chain OUTPUT (policy ACCEPT 35682 packets, 11M bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 2078K packets, 1823M bytes) pkts bytes target prot opt in out source destination [root@basement sysconfig]# [root@basement sysconfig]# tc -s -d class show dev ppp0 class cbq 1: root rate 10Mbit cell 8b (bounded,isolated) prio no-transmit/8 weight 10Mbit allot 1492b level 2 ewma 5 avpkt 1000b maxidle 23us Sent 0 bytes 0 pkts (dropped 0, overlimits 0) borrowed 0 overactions 0 avgidle 624 undertime 0 class cbq 1:10 parent 1:1 leaf 10: rate 80Kbit cell 8b prio 1/1 weight 80Kbit allot 1600b level 0 ewma 5 avpkt 1000b maxidle 23us Sent 21230491 bytes 509446 pkts (dropped 0, overlimits 2127) borrowed 0 overactions 1447 avgidle 624 undertime 0 class cbq 1:1 parent 1: rate 80Kbit cell 8b (bounded,isolated) prio 5/5 weight 80Kbit allot 1500b level 1 ewma 5 avpkt 1000b maxidle 23us Sent 56095919 bytes 539304 pkts (dropped 0, overlimits 0) borrowed 11572 overactions 0 avgidle -44724 undertime 46502 class cbq 1:20 parent 1:1 leaf 20: rate 72Kbit cell 8b prio 2/2 weight 72Kbit allot 1600b level 0 ewma 5 avpkt 1000b maxidle 23us Sent 34865428 bytes 29858 pkts (dropped 0, overlimits 96751) borrowed 11572 overactions 4191 avgidle 624 undertime 0 class cbq 1:30 parent 1:1 leaf 30: rate 64Kbit cell 8b prio 2/2 weight 64Kbit allot 1600b level 0 ewma 5 avpkt 1000b maxidle 23us Sent 0 bytes 0 pkts (dropped 0, overlimits 0) borrowed 0 overactions 0 avgidle 624 undertime 0 class cbq 1:40 parent 1:1 leaf 40: rate 8Kbit cell 8b prio 2/2 weight 8Kbit allot 1600b level 0 ewma 5 avpkt 1000b maxidle 23us Sent 0 bytes 0 pkts (dropped 0, overlimits 0) borrowed 0 overactions 0 avgidle 624 undertime 0 Gabor. > On Saturday 07 December 2002 14:44, Gabor Csuri wrote: > > Hi All, > > > > I'm using iptables-1.2.7a on RedHat8 kernel 2.4.20. > > I wanted to limit the file-sharing traffic to the internet. > > I marked the packets with iptables: > > > > iptables -A FORWARD -t mangle -p tcp -s 192.168.1.1/24 -d ! > > 192.168.1.1/24 --dport 1024:1862 -j MARK --set-mark 1 > > > > iptables -A FORWARD -t mangle -p tcp -s 192.168.1.1/24 -d ! > > 192.168.1.1/24 --dport 1864:65535 -j MARK --set-mark 1 > > > > and I put some new lines to wondershaper 1.1a (before "#start filters" > > label) : > > > > tc class add dev $DEV parent 1:1 classid 1:40 cbq rate > $[$UPLINK/10]kbit \ > > allot 1600 prio 2 avpkt 1000 > > tc qdisc add dev $DEV parent 1:40 handle 40: sfq perturb 10 > > tc filter add dev $DEV parent 1:0 protocol ip handle 1 fw flowid 1:40 > > > > #start filters > > ... > > > > I realized there is a 80Kbit/s traffic to a site (port 2334) > from inside. > > My $UPLINK is 80. > > How can be this? > Can you check the counters of iptables so you are sure you are > marking the > packets ??? And the same for tc : tc -s -d show class deb eth0. > > Stef > > -- > > stef.coene@docum.org > "Using Linux as bandwidth manager" > http://www.docum.org/ > #lartc @ irc.oftc.net _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
