I have the next config in a firewall:
[router]
|
[Firewall]
eth0: 200.x.x.x (public address)
eth1: 192.168.44.1 (private address)
|
[LAN] (192.168.44.0/24)
The router has a DS0 with 64kbit connection to internet(yes, that slow)
and the firewall makes nat to the private class.
I want that port 25 traffic(MTA) always have 4kbps and port 80 traffic,
another 4kbps.
I made this:
tc qdisc add dev eth0 root handle 1: htb default 12
tc class add dev eth0 parent 1: classid 1:1 htb rate 8kbps ceil 8kbps
tc class add dev eth0 parent 1:1 classid 1:10 htb rate 4kbps ceil 8kbps
tc class add dev eth0 parent 1:1 classid 1:11 htb rate 4kbps ceil 8kbps
tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip src \
192.168.44.0/24 match ip dport 25 0xffff flowid 1:10
tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip src \
192.168.44.0/24 match ip dport 80 0xffff flowid 1:11
But from a machine of the class 192.168.44 (fw as gateway) I made a test
to an external http server and had no limit on port 80 traffic.
What can be wrong?
Is it necessary to add the same rules with eth1?
Omar
_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
