On Mon, 25 Oct 2010 08:11:05 -0700 (PDT), Landy Landy <landysaccount@xxxxxxxxx> wrote: > Amos: > > I'm already using tc to do just that: > > This is the upload rules: > > $tc class add dev eth0 parent 1:3 classid 1:1226 htb rate 141kbit > ceil 169kbit prio 4 > $tc filter add dev eth0 parent 1:0 protocol ip prio 4 handle 1226 fw > classid 1:1236 > $tc qdisc add dev eth0 parent 1:1226 handle 1018: sfq perturb 2 > > I've also tried marking the packets in the INPUT chain. But, haven't had > any luck. > Just to confirm: you are using a recent snapshot tarball of 3.2 beta releases to do this right? with the packet marking netfilter libraries built in? Amos > --- On Mon, 10/25/10, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: > >> From: Amos Jeffries <squid3@xxxxxxxxxxxxx> >> Subject: Re: Limiting user's bandwidth >> To: squid-users@xxxxxxxxxxxxxxx >> Date: Monday, October 25, 2010, 1:34 AM >> On 25/10/10 03:22, Landy Landy >> wrote: >> > Hello everyone. >> > >> > A while back I posted here that I was trying to >> control our user's >> > bandwidth with iproute. I know it can be done with >> squid but, didn't >> > want squid to do more than block some domains and do >> its caching >> > which does pretty well. I have a script to control bw >> and assign each >> > user 512kbps/256kbps. When I have squid running the >> control gets >> > bypassed. >> > >> > I was marking packets on the FORWARD chain which >> caused to the bypass >> > since the pages are served from the gw by squid >> instead of just doing >> > the FORWARD. Now, I did some thinking, and changed the >> chain marking >> > the packet to look like this: >> > >> > $iptables -t mangle -A POSTROUTING -d 172.16.250.1 -j >> MARK --set-mark >> > 1053 $iptables -t mangle -A POSTROUTING -d >> 172.16.250.1 -j RETURN >> > >> > This controls the download bandwidth the way I want >> it. Works well. >> > Now, for the upload speed I guess I'm having the same >> problem as >> > before. The upload speed does not get controlled. I >> applied this >> > chain: >> > >> > $iptables -t mangle -A POSTROUTING -s 172.16.250.1 -j >> MARK --set-mark >> > 1054 $iptables -t mangle -A POSTROUTING -s >> 172.16.250.1 -j RETURN >> > >> > and the user can upload at full speed. >> > >> > Also tried PREROUTING and nothing. >> > >> > I need to control upload since I have some users >> uploading videos, >> > mp3, and other stuff that consume most of the upload >> bw. >> > >> > Does anyone has an idea how can I control the upload >> speed? >> >> Marking by itself does nothing but set a number on each >> packets meta >> data. You need other software which handles the marks and >> delays packets >> based on them. "tc" is one such. >> >> As you have notice packets which go to Squid are not >> FORWARDed by the >> OS. They are received as INPUT to Squid, and sometimes as >> OUTPUT from >> the Squid user and process. >> >> Amos >> -- >> Please be using >> Current Stable Squid 2.7.STABLE9 or >> 3.1.8 >> Beta testers wanted for 3.2.0.2 >>
