Re: limiting upload speeds does not work

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Tomáš Hnyk wrote:

Hello, I want only a very simple thing, but I have been unable to get it working so far. I would like to shape my DC++ traffic firmly to certain speeds. I am using an embedded linux router (asus wl500g), and a NATed PC (address 192.168.1.100). eth1 is a WAN interface and br0 is the LAN interface of the router.DC++ client is running on 4111 ports(tcp and udp) I actually managed to shape download wth this script:
iptables -t mangle -A FORWARD -p tcp --dport 4111 -j MARK --set-mark 1
tc qdisc add dev br0 root handle 1:0 htb default 0
tc class add dev br0 parent 1:0 classid 1:1 htb rate 1024kbit
tc class add dev br0 parent 1:1 classid 1:11 htb rate 256kbit
tc filter add dev br0 parent 1:0 protocol ip handle 1 fw flowid 1:11
And I thought it would be similar with upload, but it is not, I tried this script:
iptables -t mangle -A FORWARD -p tcp --sport 4111 -j MARK --set-mark 2
tc qdisc add dev eth1 root handle 2:0 htb default 0
tc class add dev eth1 parent 2:0 classid 2:1 htb rate 1024kbit
tc class add dev eth1 parent 2:1 classid 2:11 htb rate 256kbit
tc filter add dev eth1 parent 2:0 protocol ip handle 2 fw flowid 2:11
but it did not work. However, the problem seems to be in the way how I mark packets since when I type this:
iptables -t mangle -A FORWARD -i br0 -j MARK --set-mark 2
or this:
iptables -t mangle -A FORWARD -s 192.168.1.100 -j MARK --set-mark 2
upload immidiately goes to 64kbits or something, but so does everything else too - which is not exactly what I am trying to accomplish;-).
Since I am running out of ideas, have you got any? Or even an completely different approach to the problem? Thanks in advance, 
Tomas
Probably ports alone are not enough, I suppose DC will make outgoing connections so src port will be anything and dst port will be whatever the peer chose to run DC on.
There are projects called ipp2p and l7 filter that are made to match P2P - I don't use them myself so can't say if they work well with DC.
Another way would be to mark the traffic from 192.168.1.100 that you know is not from DC and then mark any unmarked packets as DC. 

Andy.
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux