Andy Furniss wrote:
I am running proftpd on (192.168.1.101) with the port set to 65437 and
with passive ports set to 50000-51000. Proftpd allows you to specify a
range of ports to use on passive transfers. I need to be able to limit
my outbound ftp traffic to 40 Kbytes per second.
Could you post the bits of the proftpd config that do this - I have (but rarely use) proftpd and could test.
PassivePorts 50000 51000 # Port 21 is the standard FTP port. Port 65437
Both ways.The only way I can see to do this is limit by marking packets with iptables. I am marking traffic on 65436 which is the active ftp data port (65437-1) and 50000-60000. Outbound shaping is working fine....however....inbound ftp traffic is also being shaped to 40K. I have no idea why.
Is this when there is ftp traffic both ways or just inbound?
You need to add another rule to stop the acks for the upload getting put in the queue for the outbound.
Just marking on size would be OK for you I think, as a test try adding -
iptables -t mangle -A MYSHAPER-OUT -p tcp -m length --length :64 -j MARK --set-mark 26 .
Andy.
_______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
