marking passive ftp and shaping

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I am trying to mark outbound passive ftp traffic with iptables and shape it to 35KBytes. I am using the following script on the computer that runs the ftp server.

It is not working correctly, it seems to limit ALL traffic. Cant file share or anything.

Anyone might know what is wrong?

#!/bin/bash
#shaping passive ftp traffic

# mark the outbound passive ftp packets on ports 50000-51000
iptables -t mangle -D POSTROUTING -o eth0 -j MYSHAPER-OUT 2> /dev/null > /dev/null
iptables -t mangle -F MYSHAPER-OUT 2> /dev/null > /dev/null
iptables -t mangle -X MYSHAPER-OUT 2> /dev/null > /dev/null

iptables -t mangle -N MYSHAPER-OUT
iptables -t mangle -I POSTROUTING -o eth0 -j MYSHAPER-OUT

iptables -t mangle -A MYSHAPER-OUT -p tcp --dport 50000:51000 -j MARK --set-mark 1

# shape the traffic to 35Kbytes
tc qdisc del dev eth0 root
tc qdisc add dev eth0 root handle 1: htb
tc class add dev eth0 parent 1: classid 1:1 htb rate 35kbps
tc filter add dev eth0 parent 1:  prio 0 protocol ip handle 1 fw flowid 1:1
_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux