reguli pe masina locala exista? eg, pachetele generate local trec prin vreo regula htb? PS: si de ce marchezi pachetele?
--- Original Message --- > Salut, > Folosesc kernelul 2.6.15.7 cu suport pt HTB (de fapt toata > sectiunea qos), HTB-tools.0.3.0-beta4 si Mandriva2006. Am 4 > placi de retea (3 fizice si una virtuala) deoarece momentan > am 3 clase de IP-uri, dar una dintre clase (eth1) nu este inca > data in folosinta si fac teste pe ea > > cum procedez: > iptables -t mangle -N mark_horiz_src > iptables -t mangle -N mark_horiz_dst > iptables -t mangle -A PREROUTING -i eth0 -j mark_horiz_src > iptables -t mangle -A PREROUTING -i eth1 -j mark_horiz_dst > iptables -t mangle -A OUTPUT -o eth0 -j mark_horiz_dst > ............................................... > #la sfarsitul fw > /usr/sbin/importbgp > > unde importbgp este: > #!/bin/bash > bgp_file=/var/local/ipclasses.bgp > if wget -q --output-document=$bgp_file > http://clienti.evolva.ro/subnets.php?net=all; then > mipclasses -s mark_horiz_src -d mark_horiz_dst -m 1 < > $bgp_file | iptables-restore -n > fi > > eth0-qos.cfg si eth1-qos.cfg arata astfel: > > eth0-qos.cfg > class class_1 { > bandwidth 4096; > limit 4096; > burst 0; > priority 1; > > client client1 { > bandwidth 128; > limit 256; > burst 0; > priority 1; > src { > xx.xx.xx.230/32; > }; > }; > > client client2 { > bandwidth 64; > limit 256; > burst 0; > priority 1; > src { > xx.xx.xx.2/32; > }; > }; > ........................................... > client clientX { > bandwidth 128; > limit 128; > burst 0; > priority 1; > src { > xx.xx.xx.90/32; > }; > }; > class default { bandwidth 8; }; > > si > > eth1-qos.cfg > class class_1 { > bandwidth 4096; > limit 4096; > burst 2; > priority 1; > que sfq; > client client1 { > bandwidth 96; > limit 128; > burst 0; > priority 1; > dst { > xx.xx.xx.230/32; > }; > }; > client client2 { > bandwidth 96; > limit 128; > burst 0; > priority 1; > dst { > xx.xx.xx.2/32; > }; > }; > ................................ > client clientX { > bandwidth 96; > limit 128; > burst 0; > priority 1; > dst { > xx.xx.xx.90/32; > }; > }; > }; > class default { bandwidth 8; }; > > dar cand pornesc HTB, pica netul...pe toate placile de retea > . > > [EMAIL PROTECTED] gelu]# /etc/rc.d/init.d/rc.htb start > > Starting HTB-tools on eth0 ... > Checking the config file ...OK > Checking kernel support for HTB: present. > HTB-tools was successfuly started on eth0. > > > Starting HTB-tools on eth1 ... > Checking the config file ...OK > Checking kernel support for HTB: present. > HTB-tools was successfuly started on eth1. > > [EMAIL PROTECTED] gelu]# ping www.yahoo.com > > [EMAIL PROTECTED] gelu]# /etc/rc.d/init.d/rc.htb stop > Deleting rules for device eth0 > Deleting rules for device eth1 > [EMAIL PROTECTED] gelu]# ping www.yahoo.com > PING www.yahoo.akadns.net (209.191.93.52) 56(84) bytes of > data. > 64 bytes from f1.www.vip.mud.yahoo.com (209.191.93.52): > icmp_seq=1 ttl=49 time=1 > 73 ms > 64 bytes from f1.www.vip.mud.yahoo.com (209.191.93.52): > icmp_seq=2 ttl=49 time=1 > 72 ms > > --- www.yahoo.akadns.net ping statistics --- > 2 packets transmitted, 2 received, 0% packet loss, time 1004ms > > rtt min/avg/max/mdev = 172.960/173.024/173.088/0.064 ms > > Multumesc > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > > http://mail.yahoo.com > _______________________________________________ > RLUG mailing list > RLUG@lists.lug.ro > http://lists.lug.ro/mailman/listinfo/rlug _______________________________________________ RLUG mailing list RLUG@lists.lug.ro http://lists.lug.ro/mailman/listinfo/rlug