Hi Stirling; see shorewall FAQ 67 http://www.shorewall.net/FAQ.htm#TC
>From the lsmod output you sent me off-list, it looks like you are missing cls_basic. Just add it /etc/modules and run hwdetect. kp Am Sonntag, 23. November 2014, 17:35:50 schrieb Stirling Westrup: > I've recently set up a LEAF "Bering-uClibc" Firewall - 5.1.2-rc1, on an old > K6-2 machine I had laying around. Because the K6-2 CPU doesn't implement > the CMOV instruction, I'm running the i486 version of the distro. > > I've been able to solve a number of issues in the setup and configuration > on my own (this isn't my first LEAF router), but I've run into a major > issue when trying to set up traffic shaping. > > For testing purposes, I'm using the shorewall example for > wondershaping-like behaviour, modified for my setup: > tcdevices file > > #INTERFACE IN-BANDWITH OUT-BANDWIDTH > ppp0 3500kbit 650kbit > > tcclasses file > > #INTERFACE MARK RATE CEIL PRIORITY OPTIONS > ppp0 1 5*full/10 full 1 > tcp-ack,tos-minimize-delay > ppp0 2 3*full/10 9*full/10 2 default > ppp0 3 2*full/10 8*full/10 2 > > mangle file > > #ACTION SOURCE DEST PROTO PORT(S) CLIENT > USER # PORT(S) > MARK(1):F 0.0.0.0/0 0.0.0.0/0 icmp echo-request > MARK(1):F 0.0.0.0/0 0.0.0.0/0 icmp echo-reply # > mark traffic which should have a lower priority with a 3: > # mldonkey > MARK(3) 0.0.0.0/0 0.0.0.0/0 udp - 4666 > > when I do a 'shorewall refresh' using the above, I get this message: > > ... > Setting up Proxy ARP... > Setting up Traffic Control... > RTNETLINK answers: No such file or directory > We have an error talking to the kernel > ERROR: Command "tc filter add dev ppp0 parent ffff: protocol all prio 10 > basic police mpu 64 rate 3500kbit burst 10kb action drop" Failed > Processing /etc/shorewall/stop ... > Processing /etc/shorewall/tcclear ... > Running /sbin/iptables-restore... > IPv4 Forwarding Enabled > Processing /etc/shorewall/stopped ... > Terminated > > > When I look at the last few entries of kern.log, it says this: > > Nov 23 17:05:57 bossy kernel: [96053.256432] traps: iptables[13590] general > protection ip:a7797b3e sp:afc95384 error:0 in ld-uClibc-0.9.33.2.so > [a7796000+6000] > Nov 23 17:05:57 bossy root: ERROR:Shorewall refresh failed > Nov 23 17:05:58 bossy root: Shorewall Stopped > > I don't know nearly enough about TC to guess what part of that complex > command is the actual culprit. Any help at all would be appreciated. ------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
