That script you included looks good, but it would be placed on eth1 (egress interface). The commands you included treats outbound, not inbound traffic. Generally speaking it's best to mark traffic as close to the source as Possible (e.g. as it enters a DS domain). Thinking only about SSH sessions initiated from his LAN, placing a single 'ip tables' line on eth0 which (re)marks _incoming_ SSH traffic would seem the way to go. _For_ _example_ _only_, you might remark SSH to have DSCP AF23, then have a simple prio map on the egress which places such traffic in the topmost queue. > -----Original Message----- > From: lartc-bounces@xxxxxxxxxxxxxxx [mailto:lartc-bounces@xxxxxxxxxxxxxxx] > On Behalf Of Vincent Dautremont > Sent: Thursday, August 30, 2007 11:00 AM > To: lartc@xxxxxxxxxxxxxxx > Subject: Fwd: Priotirize SSH Traffic > > oops, i forgot to reply to the list :-/ > > > Début du message réexpédié : > > > De : Vincent Dautremont <vdautrem@xxxxxxxxx> > Date : 30 août 2007 16:58:26 GMT+02:00 > À : Ali Jawad <alijawad1@xxxxxxxxx> > Objet : Rép : Priotirize SSH Traffic > > try that > #tc qdisc add dev eth0 root handle1: prio > # tc filter add dev eth0 protocol ip parent 1: prio 1 u32 match ip > dport 22 0xffff flowid 1:1 > # tc filter add dev eth0 protocol ip parent 1: prio 2 u32 match u32 > 0 0 flowid 1:2 > 1st command create a queuing discipling with a priority queuing. > 2nd command, say to give first priority to packets that have > destination port number 22 (standard ssh port). > 3rd command, say to default traffic to have priority number 2. > > you should just have to change eth0 if you are using another netword > device, but you should already know that. > Vincent. > > Le 30 août 07 à 16:45, Ali Jawad a écrit : > > > Hi All > I am currently learning traffic shapping and I need a script > that does prioritize SSH traffic on my debian router. > > My Internet interface is eth1 > My Lan interface is eth0 > > My Internet connection is 256 kbit/s down and 128 kbit per > second up. > > I hope someone does have a well documented (or maybe not so > documented) example on which I can build further rules as needed. > > Thx All. > > _______________________________________________ > LARTC mailing list > LARTC@xxxxxxxxxxxxxxx > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc > > _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
