Re: Band limit without squid

On Fri, Mar 30, 2007 at 06:34:50PM -0300, Davi wrote:
> On Friday 30 March 2007 18:28, you wrote:
> > On Mar 30 2007 18:22, Davi wrote:
> > >Hi all!
> > >
> > >I would like to reserve some band to some services.
> > >Like 30 Kb to HTTP, 60 Kb to POP/IMAP, 20 Kb to SMTP and FTP, i.e.
> > >
> > >Can I do this using iptables + iproute or I must use Squid?
> >
> > No to all three questions.
> >
> >
> > Jan
> 
> Sorry... =P
> Just one question: can I do this (band limit) without Squid?
> 
> Searching here, I found CBQ...
> Has anyone used it?
> 

More information about traffic shaping and the different classes (HTB, CBQ) here:

http://www.lartc.org/
http://luxik.cdi.cz/~devik/qos/htb/manual/userg.htm

Some useful examples:

http://luxik.cdi.cz/~devik/qos/htb/manual/userg.htm
http://lartc.org/wondershaper/

And with iptables you can use the connmark target to mark your packets:
(working on it)

[...]

# Let's restore the mark, if there is one, otherwise redirect
# the packet to be matched
# A packet which has been marked is known to have the eighth bit set
iptables -t mangle -A traffic_shaping -m connmark --mark 0x80/0x80 \
	-j CONNMARK --restore-mark
iptables -t mangle -A traffic_shaping -m connmark --mark 0x80/0x80 \
	-j RETURN

# Set the right mark for traffic
# ------------------------------
# Set non-TCP packets to the highest priority since there is no handshake.
# It means the client is not waiting for a reply to send you other data. This would result
# in the loss of this data.
# The negation is written "! -p tcp": "-p !tcp" is not parsed as "not tcp".
iptables -t mangle -A traffic_shaping ! -p tcp \
		-j CONNMARK --set-mark 0x81
iptables -t mangle -A traffic_shaping ! -p tcp \
		-j RETURN

# Sort SSH connections
iptables -t mangle -A traffic_shaping -p tcp --sport 22 \
		-j CONNMARK --set-mark 0x82
iptables -t mangle -A traffic_shaping -p tcp --sport 22 \
		-j RETURN
iptables -t mangle -A traffic_shaping -p tcp --dport 22 \
		-j CONNMARK --set-mark 0x82
iptables -t mangle -A traffic_shaping -p tcp --dport 22 \
		-j RETURN
[...]


-- 
Franck Joncourt
http://www.debian.org
http://smhteam.info/wiki/
GPG server : pgpkeys.mit.edu
Fingerprint : C10E D1D0 EF70 0A2A CACF 9A3C C490 534E 75C0 89FE
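
The marking rules in the message above only label traffic; the rates are enforced by tc. As an added example (not part of the original message), this sketch prints the HTB classes and fw filters that would attach a guaranteed rate to each mark. Marks 0x81 and 0x82 come from the posted rules; marks 0x83 to 0x85, every rate, the kbit unit, the class numbering and the gen_htb name are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): print the tc commands that map
# netfilter marks to HTB classes. Dry run by default; pipe to "sh" as root.

# Constructed table: "mark guaranteed_kbit label". 0x81 and 0x82 are the marks
# set by the rules above; 0x83-0x85 and all rates are assumptions.
CLASSES='0x81 40 non-tcp
0x82 20 ssh
0x83 30 http
0x84 60 pop-imap
0x85 20 smtp-ftp'

# gen_htb DEV LINK_KBIT: print the commands, or fail if the guaranteed rates
# leave nothing for unmarked traffic.
gen_htb() {
    dev=$1
    link=$2
    sum=0
    minor=10    # tc reads class minors as hex; only consistency matters here
    out="tc qdisc add dev $dev root handle 1: htb default 99
tc class add dev $dev parent 1: classid 1:1 htb rate ${link}kbit"
    while read -r mark rate label; do
        [ -n "$mark" ] || continue
        sum=$((sum + rate))
        # Guaranteed rate per class; ceil lets it borrow idle bandwidth.
        # The fw filter matches the packet mark, hence --restore-mark above.
        out="$out
tc class add dev $dev parent 1:1 classid 1:$minor htb rate ${rate}kbit ceil ${link}kbit # $label
tc filter add dev $dev parent 1: protocol ip prio 1 handle $mark fw flowid 1:$minor"
        minor=$((minor + 1))
    done <<EOF
$CLASSES
EOF
    rest=$((link - sum))
    if [ "$rest" -le 0 ]; then
        echo "guaranteed rates (${sum}kbit) exceed link (${link}kbit)" >&2
        return 1
    fi
    # Class 1:99 catches packets that carry no mark.
    printf '%s\n' "$out" \
        "tc class add dev $dev parent 1:1 classid 1:99 htb rate ${rest}kbit ceil ${link}kbit # default"
}

# Usage: gen_htb eth0 256        (review)   |   gen_htb eth0 256 | sh   (apply)
```

The generated qdisc shapes traffic leaving the named interface, so it belongs on the device facing the link being limited.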
