Joachim, (Beautiful name, by the way....) : I've searched the archive for a solution where I want to limit/shape : WLAN users. I only know's their MAC, because they get their IP from : dhcp. : : > Why not, just use negative offsets with U32 to access : >the 14-byte eth frame header before the IP header: : > : >Decimal Ofs Description : >----------------------------------- : >-14: DST MAC, 6 bytes : >-8: SRC MAC, 6 bytes : >-2: Eth PROTO, 2 bytes, eg. ETH_P_IP : >0: Protocol header (IP Header) I think this came from some mails of about 6 or 8 months ago on the LARTC list, no? I recognize the content.... http://mailman.ds9a.nl/pipermail/lartc/2002q4/006552.html http://mailman.ds9a.nl/pipermail/lartc/2003q1/006663.html Note that Julian has expressed twice before that this is a bit of a hackish method of identifying and classifying packets, and in his second posting suggests a method to classify directly using "protocol arp". http://mailman.ds9a.nl/pipermail/lartc/2003q1/006739.html http://mailman.ds9a.nl/pipermail/lartc/2003q1/006740.html I haven't tried it, so have no idea how it might work. Maybe one of the gurus on this list will be able to tell you how to use the tc/u32 syntax to classify your frames. I think David Boreham's conclusion might be a bit easier for you though, if you really want to try to match on destination ethernet addresses. You could use the ARP table ("ip neigh show" or "arp -n") to get the information you need, and then mark packets based on source. I'd think a hashing filter would allow you to put each source IP in a different class. Now, on the other hand, if you have a DHCP pool of known size already, why not just create a single class for each of the available IPs in that DHCP pool. You can have a parent class which has a ceil of the total bandwidth you want to allow to this DHCP pool. Then each user will get 256kbit bandwidth until you have so many users in your DHCP pool that they start fighting over the bandwidth. At that point, HTB, will still give you fair distribution of the bandwidth, and you don't have to mess with link layer addressing and tc at all. DHCP-IP-0 256kbit class --+----- total DHCP pool bandwidth DHCP-IP-1 256kbit class --+ DHCP-IP-2 256kbit class --+ ... . DHCP-IP-n 256kbit class --+ Just a thought. : Is the above true? If so, can you give me an example with MAC address : 00:04:e2:5f:eb:e4. : : And, is it possible to shape so everyone gets 256kbit each? Yes, indeed....if you have that much bandwidth in your lunch pail. -Martin -- Martin A. Brown --- SecurePipe, Inc. --- mabrown@xxxxxxxxxxxxxx
