[gentoo-user] I can't get traffic shaping to work properly :(
I have tried following the howto here: http://gentoo-wiki.com/HOWTO_Packet_Shaping But it doesn't work. First of all it ends up limiting both upload AND download. I have tried a few different ways with all the same result. Anyone know what is wrong here? Here is my firewall file: Code: #!/bin/bash # # Explaination of iptables for clarity # # #filter - table used to implement the firewall # #nat- table used to implement IP masquerading (=internet sharing) # #mangle - table used for specialized packet alteration # # # # | tables | chains | explaination # #-+---+---+ # # | | | # # | _/-- INPUT - for traffic coming into your box # # | filter _--- OUTPUT for traffic going out of your box # # | \-- FORWARD --- for packets being routed through the box (= packets that aren't meant for you) # | | | # # | _/-- PREROUTING for altering traffic as soon as it comes in # | nat ---_--- POSTROUTING --- for altering traffic locally-generated packages before routing # | \-- OUTPUT for altering traffic as it's about to go out # | | | # # | | | # # | mangle # # | | # # | | # # # Options for new rules (-A rules) # --- # -p - protocol (tcp, udp, icmp, or all) # -s - source # -d - destination # -j - target of the rule (where to send it) # -i - in interface (only for INPUT, FORWARD and PREROUTING chains) # -o - out interface (only for FORWARD, OUTPUT and POSTROUTING chains) # # # ## Variables applying to the system IPTABLES='/sbin/iptables' # external interface EXTIF='eth0' # internal interface INTIF='eth1' TORRENT_CLIENT_PORT='65123' ### Modules needed, just add one per line. MODULES=ip_tables iptable_nat ip_nat_ftp ip_conntrack_ftp for i in $MODULES; do echo Inserting module $i modprobe $i done # Flush rules and delete chains $IPTABLES -F $IPTABLES -X $IPTABLES -F -t nat $IPTABLES -F -t mangle # Set the default policies for the chains $IPTABLES -t filter -P INPUT DROP $IPTABLES -t filter -P OUTPUT ACCEPT $IPTABLES -t filter -P FORWARD DROP $IPTABLES -t nat -P PREROUTING ACCEPT $IPTABLES -t nat -P POSTROUTING ACCEPT $IPTABLES -t nat -P OUTPUT ACCEPT ### Set up the firewall rules # Allow all connections established by me (because default is to drop) $IPTABLES -t filter -A INPUT -i lo -j ACCEPT # Allow anything from the lan to this box $IPTABLES -t filter -A INPUT -i $INTIF -j ACCEPT # Allow anything from outside in if connection is already established $IPTABLES -t filter -A INPUT -i $EXTIF -m state --state RELATED,ESTABLISHED -j ACCEPT # Allow the following services in from the wild $IPTABLES -t filter -A INPUT -i $EXTIF -p tcp --dport ssh -j ACCEPT $IPTABLES -t filter -A INPUT -i $EXTIF -p tcp --dport 80 -j ACCEPT # allow ftp on special port $IPTABLES -t filter -A INPUT -i $EXTIF -p tcp --dport 6543:6599 -j ACCEPT $IPTABLES -t filter -A INPUT -i $EXTIF -p udp --dport 6543:6599 -j ACCEPT #$IPTABLES -t filter -A INPUT -i $EXTIF -p tcp --dport 20 -j ACCEPT #$IPTABLES -t filter -A INPUT -i $EXTIF -p udp --dport 20 -j ACCEPT ## Prioritizing packets for shaping MARKPRIO1=1 MARKPRIO2=2 MARKPRIO3=3 MARKPRIO4=4 # Setting priority marks # Prio 1 # icmp iptables -t mangle -A FORWARD -p icmp -j MARK --set-mark $MARKPRIO1 iptables -t mangle -A OUTPUT -p icmp -j MARK --set-mark $MARKPRIO1 # ssh iptables -t mangle -A FORWARD -p tcp --dport 22 -j MARK --set-mark $MARKPRIO1 iptables -t mangle -A OUTPUT -p tcp --dport 22 -j MARK --set-mark $MARKPRIO1 # non tcp iptables -t mangle -A FORWARD -p ! tcp -j MARK --set-mark $MARKPRIO1 iptables -t mangle -A OUTPUT -p ! tcp -j MARK --set-mark $MARKPRIO1 # Prio 2 # Prio 3 # http iptables -t mangle -A FORWARD -p tcp --dport 80 -j MARK --set-mark $MARKPRIO3 iptables -t mangle -A OUTPUT -p tcp --dport 80 -j MARK --set-mark $MARKPRIO3 # https iptables -t mangle -A FORWARD -p tcp --dport 443 -j MARK --set-mark $MARKPRIO3 iptables -t mangle -A OUTPUT -p tcp --dport 443 -j MARK --set-mark $MARKPRIO3 # smtp iptables -t mangle -A FORWARD -p tcp --dport 25 -j MARK --set-mark $MARKPRIO3 iptables -t mangle -A OUTPUT -p tcp --dport 25 -j MARK --set-mark $MARKPRIO3 # Prio 4 # packets 1024 bytes iptables -t mangle -A FORWARD -p tcp -m length --length 1024: -j MARK --set-mark $MARKPRIO4 # bittorrent iptables -t mangle -A FORWARD -i eth0 -p tcp --sport 1025:65535 -j MARK --set-mark $MARKPRIO4 iptables -t mangle -A FORWARD -i eth0 -p tcp --dport 1025:65535 -j MARK --set-mark
[gentoo-user] Has anyone been able to get internet through a phone via bluetooth to work?
I got it to work in ubuntu on a friends computer in about 15 minutes but
gentoo has something seriously wrong with bluetooth. I have tried
everything I can think of. Is there something I am doing wrong here?
Anyone have any ideas? I have checked and rechecked my configuration
files but can't find any problems. My phone seems to be paired, I can
ping it and find out what services it operates. But it seems you can do
that even when it's not paired.
When the bluetooth service is started /dev/rfcomm0 is created and should
be linked to my phone. Here is my rfcomm.conf
*Code:*
#
# RFCOMM configuration file.
#
rfcomm0 {
# Automatically bind the device at startup
bind yes;
# Bluetooth address of the device
device 00:12:56:5a:92:59;
# RFCOMM channel for the connection
channel 8;
# Description of the connection
comment My LG C500;
}
My DUN service on my phone should be on channel 8 (that what it shows on
other computers and this one) but I get the following error when I try
to connect. My phone does not do anything when I do this. But I noticed
that if I try to connect on channel 3 my bluetooth icon on my phone will
light up like it is prepared to do something. Only thing I can think of
is that bluetooth in gentoo (an older version than what is available I
beleive) doesn't support channel 8. But that just sounds stupid.
A simple rfcomm connect gives the following error:
*Code:*
rfcomm connect /dev/rfcomm0 00:12:56:5A:92:59 8
Can't create RFCOMM TTY: Address already in use
Any ppp program will also report the modem in use or not available.
Thanks for any help.
--
gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Vmware player startup error message
I get the same message. vmware seems to work just fine, don't worry about it. Kevin O'Gorman wrote: When I start vmware player, I always get this message: /opt/vmware/player/lib/bin/vmplayer: /opt/vmware/player/lib/lib/libpng12.so.0/libpng12.so.0: no version information available (required by /usr/lib/libcairo.so.2) Vmware seems to run anyway, so I'm not sure -- is this a problem? Both cairo and vmware are installed by portage, and I'm not aware of any configuration I have done aside from the virtual machine images. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] hibernation and various programs.
Thomas Rösner wrote: Xamindar wrote: Richard Fish wrote: On 12/6/06, Xamindar [EMAIL PROTECTED] wrote: I have hibernation set up on my laptop and am just wondering if there are any programs that are unsafe to have running when hibernating. One of the main ones im wondering about would be vmware. Can I hibernate while I have windows xp running in vmware and still have it exactly how I left it when I power back on? I will probably try it soon anyway but just wondering if anyone else out there has more experience. I have done this, but end up rebooting the vmware session every time I try, because I move around to different networks and the networking between linux and XP gets confused. So generally I'd recommend suspending the virtual machine with vmware's suspend function first, and then hibernate. You are right, it kills the vmware machine on hibernate. I just tried it. Oh well, at least it doesn't freeze. I'll try that vmware suspend function. vmware uses Alsa, no? I see no way you can keep sound apps running if you have to unload the alsa module before hibernating. Regards, T. hmm, maybe that is it. I'll try not unloading the alsa drivers and see if it still crashes. Do most sound drivers resume just fine? I think with mine the sound will still work on a resume and will only NOT work if I was playing music while I hibernated. So I just set it to unload them every time to be safe. -- gentoo-user@gentoo.org mailing list
[gentoo-user] hibernation and various programs.
I have hibernation set up on my laptop and am just wondering if there are any programs that are unsafe to have running when hibernating. One of the main ones im wondering about would be vmware. Can I hibernate while I have windows xp running in vmware and still have it exactly how I left it when I power back on? I will probably try it soon anyway but just wondering if anyone else out there has more experience. Also, I notice that my cpu governors and being able to change the clock speed of the cpu no longer function once I resume from suspend. One other thing is that any programs that use the sound device are killed when I hibernate (because hibernate is set to restart alsasound or else sound doesn't work any more)any way to stop that from happening? Thanks for any insight. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] hibernation and various programs.
Michael Crute wrote: On 12/6/06, Xamindar [EMAIL PROTECTED] wrote: I have hibernation set up on my laptop and am just wondering if there are any programs that are unsafe to have running when hibernating. One of the main ones im wondering about would be vmware. Can I hibernate while I have windows xp running in vmware and still have it exactly how I left it when I power back on? I will probably try it soon anyway but just wondering if anyone else out there has more experience. Also, I notice that my cpu governors and being able to change the clock speed of the cpu no longer function once I resume from suspend. One other thing is that any programs that use the sound device are killed when I hibernate (because hibernate is set to restart alsasound or else sound doesn't work any more)any way to stop that from happening? I have had problems with Firefox 2 crashing every time I resume, it spouts some nonsense about gnome-vfs and dies. I have also on occasion not been able to enter my password into xscreensaver after a reboot, for that Ctrl+Alt+F1 and login then kill xscreensaver works without harming anything else. HTH. -Mike Yeah, I have those same problems. I noticed though that xscreensaver runs extremely slow on resume and I can't enter a password. If I wait sometimes it recovers but most of the time just do what you do and kill it. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] hibernation and various programs.
Richard Fish wrote: On 12/6/06, Xamindar [EMAIL PROTECTED] wrote: I have hibernation set up on my laptop and am just wondering if there are any programs that are unsafe to have running when hibernating. One of the main ones im wondering about would be vmware. Can I hibernate while I have windows xp running in vmware and still have it exactly how I left it when I power back on? I will probably try it soon anyway but just wondering if anyone else out there has more experience. I have done this, but end up rebooting the vmware session every time I try, because I move around to different networks and the networking between linux and XP gets confused. So generally I'd recommend suspending the virtual machine with vmware's suspend function first, and then hibernate. You are right, it kills the vmware machine on hibernate. I just tried it. Oh well, at least it doesn't freeze. I'll try that vmware suspend function. Also, I notice that my cpu governors and being able to change the clock speed of the cpu no longer function once I resume from suspend. One other thing is that any programs that use the sound device are killed when I hibernate (because hibernate is set to restart alsasound or else sound doesn't work any more)any way to stop that from happening? Are you using the alsa drivers from the kernel, or the alsa-drivers package? And which sound driver? Alsa drivers from the kernel. snd_hda_intel snd_hda_codec I guess the 2 points of advice I can offer here are: 1. If you are doing suspend-to-ram, do *not* unload any hardware drivers. A lot of hardware expects the OS to preserve state through STR, and that is really only possible if the drivers remain in memory. I don't, suspend to ram works great. 2. If you are doing suspend-to-disk, it should be possible to unload/reload virtually any modules, such as acpi. This is because the BIOS is executed and is responsible for setting the initial hardware states. -Richard With hibernate I am still working on the acpi stuff. I tried having it unload the cpu governor modules but it says they are in use when I try to hibernate. Cpu sticking on maximum after a resume from hibernation is really annoying. -- gentoo-user@gentoo.org mailing list
