Hello, Yes, I have solved the problem. Unfortunatelly I do not recall all the details now. But yes - I had to use shared memory I have created two scripts: tc-control.pl: --init Initialize IPC --destroy Destroy IPC --stat Print statistics --up IP UP connection. Set the traffic shaping rules for IPv4 address IP --down IP DOWN connection. Unset the traffic shaping rules for IPv4 address IP --help Get this help and exit tc-control.sh: tc-control --help tc-control --init tc-control --add <class1 id> <class2 id> <ip> tc-control --del <class1 id> <class2 id> <ip> The first script is called when new connection goes UP or DOWN. The second one is called from the first one to add or remove specific classes. When I was looking for alternatives I have also found this project: https://en.wikipedia.org/wiki/Shorewall Their web site is not responding at the moment hence I can't send you exact link to their docs but they have something interesting about traffic shaping per IP also. 2015-11-17 11:58 GMT+02:00 Jérôme Féneau <feneau@xxxxxxxxx>: > Hi Vitaly, > > thanks for your inputs. Did you finally find a solution for your problem ? > > There are interesting things in your answer, here is what I noticed : > > "My current idea is to store mark in the shared memory and increment it > > with every new client." > > It could be a good solution but how do you achieve this ? > > And how do you accordingly create the relevant rules in tc ? > > Regards > > Jérôme > > 2015-11-17 10:13 GMT+01:00 Vitaly Repin <vitaly_repin@xxxxxxxx>: >> Hello, >> >> I had a little bit more complicated task but I think you can take >> some useful ideas from there: >> http://www.spinics.net/lists/lartc/msg23254.html >> >> 2015-11-17 10:55 GMT+02:00 Jérôme Féneau <feneau@xxxxxxxxx>: >>> >>> Hello LARTC community, >>> >>> finally any idea how to implement traffic shhaping with netfilter and >>> tc with unknown IP addresses and the same class of traffic for all ? >>> >>> Regards >>> >>> Jérôme >>> >>> 2015-11-14 17:46 GMT+01:00 Jérôme Féneau <feneau@xxxxxxxxx>: >>> > Hi Yucong, >>> > >>> > HTTP server actually is not the first application that end-users >>> > reach, but Varnish. And behind Varnish I have a NGINX web server. >>> > >>> > Regards >>> > >>> > Jérôme >>> > >>> > 2015-11-14 15:48 GMT+01:00 Yucong Sun <sunyucong@xxxxxxxxx>: >>> >> What HTTP server you are using? nginx support per-conenction hashlimit >>> >> pretty good. >>> >> >>> >> On Sat, Nov 14, 2015 at 8:09 PM, Jérôme Féneau <feneau@xxxxxxxxx> wrote: >>> >>> >>> >>> Hello LARTC community, >>> >>> >>> >>> I have a project where I want to limit bandwidth per user connection. For >>> >>> instance all users that will be connecting to my HTTP server will be >>> >>> provided 256 Kbps. >>> >>> >>> >>> I know how to do it from known IP addresses by marking and allocating each >>> >>> IP to its own QoS class (actually they all have the same, ie 256 Kbps). >>> >>> This involves to create a lot of lines (one by IP) in iptables and tc. >>> >>> >>> >>> The tricky thing - from my point of view - is to be able to dynamically >>> >>> allocate each user (you don't know his IP in advance) to his QoS class >>> >>> from >>> >>> iptables and tc (reminder : all users must be allocated the same >>> >>> bandwidth). >>> >>> >>> >>> I would sincerely appreciate your help on this. >>> >>> >>> >>> Regards >>> >>> >>> >>> Jérôme >>> >>> -- >>> >>> To unsubscribe from this list: send the line "unsubscribe lartc" in >>> >>> the body of a message to majordomo@xxxxxxxxxxxxxxx >>> >>> More majordomo info at http://vger.kernel.org/majordomo-info.html >> >> -- >> WBR & WBW, Vitaly > > > > -- > Jérôme Féneau > 06 67 31 46 07 > Skypeid : jfeneau92 -- WBR & WBW, Vitaly -- To unsubscribe from this list: send the line "unsubscribe lartc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html