#exempt networks (i.e. local lan)
EXEMPT=192.168.10.0/24
#added class for internal network traffic (5mbit of a 10mbit link)
tc class add dev $DEV parent 1: classid 1:2 cbq rate 5mbit \
allot 1500 prio 4 avpkt 1000
#qdisc
tc qdisc add dev $DEV parent 1:2 handle 90: sfq perturb 10
#loop through existing networks
for a in $EXEMPT
do
tc filter add dev $DEV parent 1:0 protocol ip pri 9 u32 \
match ip dst $a flowid 1:2
done
This worked fine! The following part however, does not work for some reason. I submitted a help ticket to this list, but it was waiting for moderator approval:
#for ingress:
tc qdisc add dev $DEV handle ffff: ingress
# filter *everything* to it (0.0.0.0/0), drop everything that's
# coming in too fast:
#exemptions by jere
for a in $EXEMPT
do
tc filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip src \
$a police rate 5mbit burst 15k drop flowid :1
done
tc filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip src \
0.0.0.0/0 police rate ${DOWNLINK}kbit burst 10k drop flowid :1
Since its not a seperate class, I cant see if the packets are getting matched. Everything is filtered at the second 0.0.0.0/0 police rate.
So now i can transfer files quickly from my server, but not to it.
any help?
_______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
