On Mon, Jun 02, 2003 at 01:35:31PM +0300, TeraHz wrote: > I wan to share internet to these 12 PCs. But my traffic control is not > working. I'm using IP Masquerading to route internet to the LAN > > eth0 - LAN interface > eth1 - Internet interface > > this is my firs htb script: > #!/bin/bash > tc qdisc del dev eth1 root handle 1: > > tc qdisc add dev eth1 root handle 1: htb default 30 > > tc class add dev eth1 parent 1: classid 1:1 htb rate 25kbps ceil 48kbps > #tc class add dev eth0 parent 1:1 classid 1:10 htb rate 4kbps ceil 48kbps > tc class add dev eth1 parent 1:1 classid 1:10 htb rate 4kbps ceil 48kbps ... > > I tryed to change the parent ID, the Interface -> nothing > > Stef told me that this is not working because of the NAT > > so I've changed the filter part: > > > tc filter add dev eth1 parent 1:0 protocol ip handle 10 fw classid 1:1 > tc filter add dev eth1 parent 1:0 protocol ip handle 11 fw classid 1:12 ... > iptables -A FORWARD -i eth0 -t mangle -p tcp -s 192.168.139.33 -j MARK -- > set-mark 33 > iptables -A FORWARD -i eth0 -t mangle -p tcp -s 192.168.139.34 -j MARK -- > set-mark 34 > > I thing that this is wright but no! > I've changed FORWARD with OUTUP. I tryed without specifying Interface -> > still nothing. > > What is wrong? > there is no filtration at all! Every packet is forwarded to the root > class! You can guess what happens when someone from the LAN starts to > dowload! > > My router box is: Slackware 9.0 (2.4.20 kernel) > > > Thank you > Try with PREROUTING. -- BSD ownz me -- Daniel Ortiz d.ortiz@xxxxxxxxxxxx ILIMIT Comunicacions Departament Sistemes http://www.ilimit.es Tel: (+34) 93 733 33 75 Fax: (+34) 93 733 32 43
Attachment:
pgp00149.pgp
Description: PGP signature
