On Monday 31 January 2005 23:17, Andy Furniss wrote:
Ahh - I thought that squid could limit connections based on the rate the client could sustain. You can shape incoming to squid with imq if hooked after nat, because its traffic will have real dst address - other will have been denatted.
Could you give me some example, how to do that? Thanks ..
There may be a way to do this with a dummy device soon, but for now you need too patch kernel with imq from http://www.linuximq.net choose to hook after nat (may be default - the first letter in imq kernel config needs to be A)
Set up htb with your rules for sharing/ priorotising interactive traffic attached to imq0.
In prerouting mangle you can do some marking eg. small tcp/udp to get priority. Then append a rule like this -
iptables -t mangle -A PREROUTING -i eth0 -j IMQ --todev 0
Somewhere in you htb setup make a class for you squid traffic and filter traffic to it something like -
tc class add dev imq0 parent 1:2 classid 1:33 htb rate 220kbit ceil 480kbit quantum 1500 prio 1
tc filter add dev imq0 protocol ip parent 1:0 prio 1 u32 \ match ip dst 220.1.1.1 flowid 1:33
You also need to first modprobe imq if it's a module and bring it up with -
modprobe imq numdevs=1
ip link set imq0 up
Andy.
_______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
