Re:

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

tc filter matching my POSTROUTING marks well.
Packets got marked and if I set shape my connection to 2 mbps,
disconnect all other users, and try for example, speedtest, it gives
me nothing more than 2 mbps, so there is no problem. Bandwidth is
shaped well.

Best regards, Igor V. Filakhtov

GMail: filakhtov@xxxxxxxxx | Cell: (050) 65-66-280 | Skype: ihor.filakhtov


On Tue, Sep 3, 2013 at 12:03 PM, Nicolas Sebrecht <nsebrecht@xxxxxxxx> wrote:
> The 02/09/13, Igor Filakhtov wrote:
>> This is done via IPTables:
>>
>> # Inbound traffic:
>> # All traffic, coming outside of lan (! -s 192.168.1.0) network with
>> destination 192.168.1.1 (my PC) get marked with 21
>> iptables -t mangle -A POSTROUTING ! -s 192.168.1.0/24 -d 192.168.1.1
>> -j MARK --set-mark 21
>> # All traffic, coming from 3128 port from 192.168.1.200 (Debian
>> router/server) to 192.168.1.1 (my PC) also marked with 21 (this is
>> SQUID proxy)
>> iptables -t mangle -A POSTROUTING -p tcp --sport 3128 -s 192.168.1.200
>> -d 192.168.1.1 -j MARK --set-mark 21
>> # Same two lines for smartphone
>> iptables -t mangle -A POSTROUTING ! -s 192.168.1.0/24 -d 192.168.1.2
>> -j MARK --set-mark 21
>> iptables -t mangle -A POSTROUTING -p tcp --sport 3128 -s 192.168.1.200
>> -d 192.168.1.2 -j MARK --set-mark 21
>> # ... More lines for other user's devices (marked 22, 23, 24, 25)
>
> ASAIK, packets go to the IMQ just after the PREROUTING chain of MANGLE
> for the inbound traffic.  Please, make sure you tc filter match the
> PREROUTING chain of iptables.
>
>> On Mon, Sep 2, 2013 at 4:24 AM, Horace <horace@xxxxxxxxxxxxxxx> wrote:
>> > Igor wrote:
>> >
>> >> tc filter add dev $LAN protocol ip parent 1:0 prio 1 handle 21 fw flowid 1:21
>> >> tc filter add dev $LAN protocol ip parent 1:0 prio 1 handle 22 fw flowid 1:22
>> >> tc filter add dev $LAN protocol ip parent 1:0 prio 1 handle 23 fw flowid 1:23
>> >> tc filter add dev $LAN protocol ip parent 1:0 prio 1 handle 24 fw flowid 1:24
>> >> tc filter add dev $LAN protocol ip parent 1:0 prio 1 handle 25 fw flowid 1:25
>> >> tc filter add dev $LAN protocol ip parent 1:0 prio 1 handle 29 fw flowid 1:29
>> >> tc filter add dev $LAN protocol ip parent 1:0 prio 2 handle 10 fw flowid 1:10
>> >
>> > Where do you mark the traffic and put them into class?
>> >
>> > Horace
> --
> Nicolas Sebrecht
--
To unsubscribe from this list: send the line "unsubscribe lartc" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux