Tom Eastep wrote:
Torquil Macdonald Sørensen wrote:
Roberto C. Sánchez wrote:
On Sun, Mar 14, 2010 at 01:45:18PM +0100, Torquil Macdonald Sørensen
wrote:
Package: shorewall-shell
Version: 4.4.7.5-1
Severity: normal
I have configured shorewall for bandwidth limiting, and this worked
fine before.
Now it no longer works. The contents of my /etc/shorewall/tcdevices is
eth1 800kbit 400kbit
and eth1 is the interface of my wireless network card, which I use
exclusively.
'iptables --list' shows me that shorewall has been enabled, and the
log file
/var/log/shorewall-init.log shows:
..
..
..
Mar 14 01:11:46 Adding rules for DHCP
Mar 14 01:11:46 Compiling TCP Flags filtering...
Mar 14 01:11:46 Compiling Kernel Route Filtering...
Mar 14 01:11:46 Compiling Martian Logging...
Mar 14 01:11:46 Compiling /etc/shorewall/tcdevices...
Mar 14 1:11:46 Tcdevice "eth1 800kbit 400kbit" Compiled.
Mar 14 01:11:46 Compiling MAC Filtration -- Phase 1...
Mar 14 01:11:46 Compiling /etc/shorewall/rules...
Mar 14 1:11:46 Rule "ACCEPT net fw tcp 8010" Compiled
Mar 14 1:11:46 Rule "ACCEPT net fw tcp 22" Compiled
..
Please provide the output of 'shorewall show tc' as an attachment.
Also, please keep the shorewall-users mailing list in the CC, as there
are people there who use tc (I do not personally use it) and they will
be able to provide further assistance.
Regards,
-Roberto
Hi! I have attached the output of 'shorewall show tc' as a text file.
That output shows no evidence of ANY traffic shaping configuration.
Please:
tar -czf shorewall.tgz /etc/shorewall
Send the tarball as an attachment to upl...@shorewall.net
Thanks,
-Tom
After doing some more debugging, it seems that the bandwidth limit works better
after doing a restart of shorewall, after my computer has started up. So it
might be a Debian problem that causes this.
I now noticed that the output of 'shorewall show tc' is not the same when
running after on shorewall restart.
Maybe shorewall isn't started correctly when the computer boots? I know
shorewall is started automatically, as seen by the massive output of "iptables
--list" after boot. Also, I have "startup=1" in my /etc/default/shorewall.
Directly after startup, neither download or upload bandwidth are limited. After
one restart of shorewall, the download speed is correctly limited, however the
upload speed is not... In my current configuration, the limits according to
'tcdevices' are supposed to be 400kbit/s down, 50kbit/s up.
After startup, the results from the bandwidth test was around 1900kbit/s down
and 400kbit/s up. After one restart, the results were around 400kbit/s down and
the still the same speed up.
After one manual shorewall restart, the output of 'shorewall show tc' is:
**********************************************************
Shorewall 4.4.7.5 Traffic Control at tmac - Sun Mar 14 20:19:02 CET 2010
Device eth0:
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1
1 1
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
Device eth1:
qdisc htb 1: root refcnt 2 r2q 5 default 0 direct_packets_stat 3026 ver 3.17
Sent 834620 bytes 3026 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
qdisc ingress ffff: parent ffff:fff1 ----------------
Sent 1013552 bytes 2968 pkt (dropped 120, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
class htb 1:1 root prio 0 quantum 1250 rate 50000bit ceil 50000bit burst 1599b/8
mpu 0b overhead 0b cburst 1599b/8 mpu 0b overhead 0b level 0
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
lended: 0 borrowed: 0 giants: 0
tokens: 3999984 ctokens: 3999984
*********************************************************
Does this contain "upload speed" limiting for eth1? As mentioned, this is after
a manual shorewall restart, and therefore download limiting seems to work fine
when this output was taken.
My configuration has been sent to upl...@shorewall.net as requested.
Torquil
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
