: Maybe its messages is offtopic but... I have no good ideas how to solve : my problem. It's not at all off topic for this list. You may find, if you need more libipq help, that the netfilter-devel list is a better list, but for this general "and traffic control, too" question, you have reached the right place. : I am writing program that must realtime control traffic flows ( : control/account/bandwitdth/etc ip traffic ). I am using 2.4.x Netfilter : queue kernel module (ip_queue) so program can get packets via libipq. : In this case I can easy control traffic (set verdict NF_ACCEPT or : NF_DROP) and statistics traffic (via counters). But how to shape : traffic flow? Well, this could be tricky depending on your expectations. If you know exactly what sort of shaping you intend to use, and it doesn't need to be dynamically manipulated, then I have an answer for you. If, on the other hand, you wish to dynamically alter the classes and bandwidth allocated to a stream, you have a bit more of a task ahead of you. [...snip...] : How to build own queue(s) for specific traffic flows that going via my : program and setup on them some shaping discipline like TBF - just for : shape traffic, set certain rate? I'm no whiz-kid with the libipq stuff, but if you can mark the packets in any way, (-j MARK --set-mark $MARK), then you can easily use a static traffic control/shaping set of qdiscs. You mention TBF--this is fine and dandy, but doesn't allow you to classify packets. You may wish to consider learning HTB. You could set up a large number of classes each with a specific ceiling. Then you get token bucket filter for free on a subset of your traffic--each subset independently. : What is better for system perfomance when use such shaping and when : using kernel QoS? So, in summary, I would recommend creating an HTB tree, and then using dynamically altered MARKs to select packets for a particular output class. This way, you'll not need to alter the traffic control setup once you have it configured the way you like it. : * Avoid The Gates of Hell use Linux : ** Wenn ich sterbe, legt mir eine Birne in mein Grab ... Warum ausgerechnet eine Birne? Und wessen? :) -Martin -- Martin A. Brown --- SecurePipe, Inc. --- mabrown@xxxxxxxxxxxxxx
