On Wed, 2010-12-22 at 23:57 +0100, lupuscramus wrote: > > Looks right for the Squid part. > > > > Also check that Squid was built with the netfilter-conntrack library and > > the QoS feature enabled. > > --enable-zph-qos --with-netfilter-conntrack > > > > when not explicitly specified for ./configure the feature support is at > > the mercy of the automatics and may be disabled relatively silently if > > required system pieces are missing. > That reminds me, I was going to have a further look at this, because if LIBCAP isn't present but netfilter-conntrack is, then the features get built but just "don't work". There should probably be a warning either when compiling or when running. > > iptables should have something to track packet markings with. > > I've recompiled squid with the missed options, and in the iptables logs I can > see the packets are marked. > > For information, if someone want to know how verify if the packets are marked > : > > iptables -A OUTPUT -j LOG > iptables -A INPUT -j LOG > iptables -A FORWARD -j LOG > cat /var/log/kern.log > > So, the problem comes from tc, not squid. > > > I'm not familiar with the specific tc configuration to help further sorry. > > Do you know someone who managed to use the squid marked packets > to make a QoS based on ip source with classful queuing ? (cbq, htb) > Yes, I do this. For an example you could have a look at my website. It is out of date and probably not exactly what you are looking for, but it would probably give you an idea: http://www.andybev.com/index.php/Fair_traffic_shaping_an_ADSL_line_for_a_local_network_using_Linux HTB is a tricky beast. There is information out there, but sometimes need to look hard. > Or do you know where I can ask help ? It seems the LARTC mailing-list is dead. > The netfilter mailing lists are the places to ask. The LARTC mailing list unfortunately seemed to become unused a couple of years back. Andy
