This is a multi-part message in MIME format.
------=_NextPart_000_0020_01C2B0C2.A50E5880
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
But you are not listening to what I and others have been saying. Forget
about the ICMP pings! They don't mean nothing!
Use the script I attached (change a few settings, like your own speeds,
interface and executables, speeds are in kbit!). Then use the following
iptables rules:
(eth0=my internet-interface, eth2=my LAN interface, change if needed !)
# ICMP packets have an even higher priority (so you can test it with ping,
but this doesn't help CounterStrike at all!)
# Don't do massive pings/traceroutes because that would choke other traffic
(including CS)!
iptables -I PREROUTING -t mangle -i eth2 -j MARK --set-mark 1 -p ICMP
iptables -I OUTPUT -t mangle -o eth0 -j MARK --set-mark 1 -p ICMP
# And here's Counter Strike:
# if you want you could add: -m multiport --destination-port 27000:27050
iptables -I PREROUTING -t mangle -i eth2 -j MARK --set-mark 1 -p
DP --source-port 27005
# ACK Packets get higher priority than 'normal' packets
iptables -I PREROUTING -t mangle -i eth2 -j MARK --set-mark 2 -p TCP -m
length --length 0:100
iptables -I OUTPUT -t mangle -o eth0 -j MARK --set-mark 2 -p TCP -m
length --length 0:100
And add some more yourself, remember:
- All rules are tested for each packet: MARK does _not_ stop like ACCEPT and
RETURN do.
- Therefore the order in which you place these rules is important.
- Rules are inserted (-I) in the table, so eventually (use iptables -L -n)
the rules will be 'upside down' in the table.
- Thus higher priorities rules (lower MARK numbers) should go first in your
script, otherwise they might be overruled by later rules.
Jannes Faber
----- Original Message -----
From: "Ciprian Niculescu" <lartc@cnicules.4email.net>
To: "Tornado" <tornado@linuxfromscratch.org>; <lartc@mailman.ds9a.nl>
Sent: Tuesday, December 31, 2002 12:23 AM
Subject: Re: [LARTC] wondershaper + htb prio + qdisc prio
> On Mon, 30 Dec 2002 22:22:28 +0100, "Tornado"
> <tornado@linuxfromscratch.org> said:
> > > >
> > > this is what i try, beacouse i dont realy play the game, i generate
> > > trafic to saturate the link, and ping from shell from an externat host
> >
> > In which case, you should check if your downstream is not chocking. Even
> > if
> > you shape outgoing packets, you can still get get bad pings, if your
> > downstream is running at max.
>
> no a 1Mbit trafic on a 5M no chocking :))))
>
> C
>
------=_NextPart_000_0020_01C2B0C2.A50E5880
Content-Type: application/octet-stream;
name="tcstart.sh"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment;
filename="tcstart.sh"
#!/bin/sh
INET_INTERFACE=3D"eth0"
TC_UPLINK_RATE=3D"100"
TC_RATE[0]=3D70
TC_CEIL[0]=3D$TC_UPLINK_RATE
TC_RATE[1]=3D10
TC_CEIL[1]=3D60
TC_RATE[2]=3D10
TC_CEIL[2]=3D60
TC_RATE[3]=3D10
TC_CEIL[3]=3D60
# Executables and stuff
IPTABLES=3D"iptables"
TC=3D"tc-htb"
IP=3D"ip"
LOG=3D"/dev/null"
# Comment out the following two lines after setting up all variables =
above
# and having checked them.
TC=3D"echo tc-htb"
LOG=3D"/dev/stdout"
#### No need to alter anything below here ####
PRIOS=3D'0 1 2 3'
# Packet marks
MARK[0]=3D"1"
MARK[1]=3D"2"
MARK[2]=3D"3"
MARK[3]=3D"4"
# Find last prio, which will be the default
for PRIO in $PRIOS
do
LAST_PRIO=3D$PRIO
done
# The iptables part
iptables -F -t mangle
ezshaper -i start
# The TC part
$TC qdisc del dev $INET_INTERFACE root
$TC qdisc add dev $INET_INTERFACE root handle 1:0 htb default =
$[$LAST_PRIO+10]
$TC class add dev $INET_INTERFACE parent 1:0 classid 1:1 htb rate =
${TC_UPLINK_RATE}kbit
for PRIO in $PRIOS
do
echo -e "\n***** Prio $PRIO *****" > $LOG
# Add leaf classes for PRIO traffic
$TC class add dev $INET_INTERFACE parent 1:1 \
classid 1:$[$PRIO+10] htb \
rate ${TC_RATE[$PRIO]}"kbit" \
ceil ${TC_CEIL[$PRIO]}"kbit" \
prio $PRIO
# Now filter PRIO traffic to this leaf
$TC filter add dev $INET_INTERFACE parent 1:0 \
protocol ip prio $PRIO handle ${MARK[$PRIO]} \
fw flowid 1:$[$PRIO+10]
done
------=_NextPart_000_0020_01C2B0C2.A50E5880--
