[LARTC] Packet Interception
Hello! In the earlier mail I think I was not clear... Actually the following is my requirements: 1) our requirement is to capture all packets originating/destined to a particular machine. This also includes ping packets to same machine/localhost. i.e. at machine A we want to also capture packets originating from say machine A and destined to machine A (these propably do not go to data link layer). 2) we want to experiment the behavior by adding delays to those packets, and that is why we want the actual packet and a copy of packet wont serve purpose. 3) we are open to listen at whatever layer (datalinke/network) and so how can we achieve this functionality. ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] Packet capturing
Hello Everybody! I am an Engineering student and doing a project on WAN Emulator. Can anyone please tell me the way to capture a packet on Network Layer. I want to capture original packet and not the copy(i think libpcap provides a copy of the original packet). Let suppose we get a copy on Netwok layer then how we can destroy the original packet Plz suggest meThanks in advance ___ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[LARTC] script
please could any one help me with a sample script to limit the uplink iam using eth1 to conect the internet 256 kbps and eth0 64 kbps for down load i would like to limit bandwidth for kaaza etc regards sunil Dealing in Computers, Software and Peripherals Jayesh Chandran Compucat Technologies(An associate of Milan Cable Television)1.Goliondoi Road, Arusha.2.Ground Floor, Serengeti Wing,PB No. 10367, AICC, Arusha, Tanzania [EMAIL PROTECTED] tel: fax: mobile: +255 27 2502660+255 27 2504527+255 748 586169 Add me to your address book... Want a signature like this?
[LARTC] script
10.0.0.0/24 -p tcp --dport 53 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p udp --dport 53 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp --dport 22 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp --dport 23 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp --dport 21 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp --dport 25 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp --dport 110 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp --dport 5190 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp --dport 6661:6669 -j MARK --set-mark 11$IPTABLES -t mangle -A POSTROUTING -p icmp -j MARK --set-mark 11$IPTABLES -t mangle -A POSTROUTING -o eth0 -s 10.0.0.0/24 -p udp --dport 3128 -j MARK --set-mark 11$IPTABLES -t mangle -A POSTROUTING -o eth0 -s 10.0.0.0/24 -p tcp --dport 3128 -j MARK --set-mark 11#$IPTABLES -t mangle -A POSTROUTING -p icmp -j RETURN$TC filter add dev eth1 parent 1:0 protocol ip handle 11 fw flowid 1:10 $TC filter add dev eth1 parent 1:0 protocol ip handle 12 fw flowid 1:20 $TC filter add dev eth1 parent 1:0 protocol ip handle 13 fw flowid 1:30 please help with clarification regards Dealing in Computers, Software and Peripherals Jayesh Chandran Compucat Technologies(An associate of Milan Cable Television)1.Goliondoi Road, Arusha.2.Ground Floor, Serengeti Wing,PB No. 10367, AICC, Arusha, Tanzania [EMAIL PROTECTED] tel: fax: mobile: +255 27 2502660+255 27 2504527+255 748 586169 Add me to your address book... Want a signature like this?
[LARTC] htb script
dear all iam newbie , i have 256 kbits of down link and 64 kbits of up link iam using squid and htb i have got this while browsing the net , there are some few issues i need help while running the script i want browsing to be as fast as possible , uplink especially kaaza should not eat my band width. eth1 got public ip address and eth0 is internal with network 10.0.0.0/24 iam also using nat , how can i make squid incoporates with htb (squid uses 3128) here is my script please help with clarification regards Dealing in Computers, Software and Peripherals Jayesh Chandran Compucat Technologies(An associate of Milan Cable Television)1.Goliondoi Road, Arusha.2.Ground Floor, Serengeti Wing,PB No. 10367, AICC, Arusha, Tanzania [EMAIL PROTECTED] tel: fax: mobile: +255 27 2502660+255 27 2504527+255 748 586169 Add me to your address book... Want a signature like this? #!/bin/bash TC=/sbin/tc IPTABLES=/sbin/iptables $TC qdisc del dev eth0 root 2> /dev/null > /dev/null $TC qdisc del dev eth1 root 2> /dev/null > /dev/null $TC qdisc del dev eth1 ingress 2> /dev/null > /dev/null $IPTABLES -F POSTROUTING -t mangle $TC qdisc add dev eth0 root handle 1: htb default 50 r2q 2 $TC class add dev eth0 parent 1: classid 1:2 htb rate 248Kbit burst 35k $TC class add dev eth0 parent 1:2 classid 1:10 htb rate 220Kbit ceil 240Kbit burst 25k prio 0 $TC class add dev eth0 parent 1:2 classid 1:30 htb rate 28Kbit ceil 28Kbit burst 10k prio 1 $TC class add dev eth0 parent 1: classid 1:60 htb rate 1Kbit ceil 100Mbit prio 1 $TC qdisc add dev eth0 parent 1:10 handle 11: sfq perturb 10 $TC qdisc add dev eth0 parent 1:30 handle 33: sfq perturb 10 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -j MARK --set-mark 3 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp --sport 80 -j MARK --set-mark 1 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp --sport 443 -j MARK --set-mark 1 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp --sport 22 -j MARK --set-mark 1 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp --sport 21 -j MARK --set-mark 1 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp --sport 53 -j MARK --set-mark 1 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p udp --sport 53 -j MARK --set-mark 1 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp --sport 110 -j MARK --set-mark 1 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp --sport 5190 -j MARK --set-mark 1 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp --sport 6661:6669 -j MARK --set-mark 1 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp --sport 3128 -j MARK --set-mark 1 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p udp --sport 3128 -j MARK --set-mark 1#$IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p icmp -j MARK --set-mark 1 $TC filter add dev eth0 parent 1:0 protocol ip handle 1 fw flowid 1:10 $TC filter add dev eth0 parent 1:0 protocol ip handle 3 fw flowid 1:30 $TC filter add dev eth0 parent 1:0 protocol ip prio 1 u32 \ match ip protocol 0x6 0xff \ match ip tos 0x10 0xff \ flowid 1:60 ## $TC qdisc add dev eth1 root handle 1: htb default 20 $TC class add dev eth1 parent 1: classid 1:1 htb rate 62Kbit burst 35k $TC class add dev eth1 parent 1:1 classid 1:10 htb rate 40Kbit ceil 60Kbit burst 25k prio 1 $TC class add dev eth1 parent 1:1 classid 1:20 htb rate 15Kbit ceil 55Kbit burst 10k prio 2 $TC class add dev eth1 parent 1:1 classid 1:30 htb rate 7Kbit ceil 28Kbit burst 5k prio 3 $TC qdisc add dev eth1 parent 1:10 handle 10: sfq perturb 10 $TC qdisc add dev eth1 parent 1:20 handle 20: sfq perturb 10 $TC qdisc add dev eth1 parent 1:30 handle 30: sfq perturb 10 $TC filter add dev eth1 parent 1:0 protocol ip prio 10 u32 \ match ip tos 0x10 0xff flowid 1:10 $TC filter add dev eth1 parent 1: protocol ip prio 10 u32 \ match ip protocol 6 0xff \ match u8 0x05 0x0f at 0 \ match u16 0x 0xffc0 at 2 \
[LARTC] Auto Load Balancing in Linux sever
Hello, Im having an intranet of 100 linux machines sharing the internet and have two lease line internet connections Does anyone know how to auto load balance in the intranet server considering the current traffic, bandwidth etc, instead of using static routes with iproute2. Thanks in advance Jayesh ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] shaping domain names(www.xyz.com)
Hi, Is there any way by which we can shape domain name(not by IP address) Eg : suppose i want to shape tarrif to a particular domain www.xyz.com which has multiple ips and i am not aware of there ips how can we do that. Regards Jayesh - Still single? Click here to find the perfect match. http://www.bharatmatrimony.com/cgi-bin/bmclicks1.cgi?141 ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] 1000's of classes and filters
Hi , Let me rephrase my problem with more details and some history. We are running an application on a system which does NAT'ting and shaping. TC and iptable rules are added and deleted at runtime. A TC rule will be, tc class add dev eth1 parent 1:1 classid 1:5001 htb rate 256kbit ceil 256kbit tc filter add dev eth1 protocol ip parent 1:0 prio 1 u32 match ip src 10.1.1.1 match ip flowid 1:5001 At peak some 700 to 800 such rules will be present. Same rules for the other inteface. Deleting a rule is flush out all the rules and reapply :) ( handler could have been used to delete a particular rule, but we have not yet upgraded ) We had ext3 filesystem installed at he beginning. But regularly the box would go down with a kernel panic. The stack trace when this occured is attached. We then moved to resiserfs filesystem. This time although there was no kernel panic, the box hanged with junk messages printed in all our application logs. The box doesnt even respond on the console. Hard reboot is the only thing we can do. Pls find all the details given below. Any suggestions/solutions are welcome. Regards Jayesh System details : Kernel version : 2.4.23 HTB init, kernel part version 3.13 SCSI Adaptec storage controllers 1 GB RAM lspci --- 00:00.0 Host bridge: Intel Corp.: Unknown device 254c (rev 01) 00:02.0 PCI bridge: Intel Corp. e7500 HI_B Virtual PCI-to-PCI Bridge (F0) (rev 01) 00:1d.0 USB Controller: Intel Corp. 82801CA/CAM USB (Hub (rev 02) 00:1e.0 PCI bridge: Intel Corp. 82801BA/CA PCI Bridge (rev 42) 00:1f.0 ISA bridge: Intel Corp. 82801CA ISA Bridge (LPC) (rev 02) 00:1f.1 IDE interface: Intel Corp. 82801CA IDE U100 (rev 02) 00:1f.3 SMBus: Intel Corp. 82801CA/CAM SMBus (rev 02) 01:02.0 VGA compatible controller: ATI Technologies Inc Rage XL (rev 27) 02:1c.0 PIC: Intel Corp. 82870P2 P64H2 I/OxAPIC (rev 04) 02:1d.0 PCI bridge: Intel Corp. 82870P2 P64H2 Hub PCI Bridge (rev 04) 02:1e.0 PIC: Intel Corp. 82870P2 P64H2 I/OxAPIC (rev 04) 02:1f.0 PCI bridge: Intel Corp. 82870P2 P64H2 Hub PCI Bridge (rev 04) 03:01.0 Ethernet controller: Intel Corp. 82557/8/9 [Ethernet Pro 100] (rev 08) 03:02.0 Ethernet controller: Intel Corp. 82557/8/9 [Ethernet Pro 100] (rev 08) 04:01.0 Ethernet controller: Intel Corp.: Unknown device 100f (rev 01) 04:04.0 SCSI storage controller: Adaptec: Unknown device 801f (rev 03) 04:04.1 SCSI storage controller: Adaptec: Unknown device 801f (rev 03) Ksymoops output with ext3 filesystem - Dec 21 06:57:02 theseus kernel: kernel BUG at checkpoint.c:587! Dec 21 06:57:02 theseus kernel: invalid operand: Dec 21 06:57:02 theseus kernel: CPU:0 Dec 21 06:57:02 theseus kernel: EIP:0010:[]Not tainted Using defaults from ksymoops -t elf32-i386 -a i386 Dec 21 06:57:02 theseus kernel: EFLAGS: 00010292 Dec 21 06:57:02 theseus kernel: eax: 0069 ebx: f6c46660 ecx: fffe edx: Dec 21 06:57:02 theseus kernel: esi: f7ecc660 edi: f6c46660 ebp: e03fdc10 esp: f7de9e1c Dec 21 06:57:02 theseus kernel: ds: 0018 es: 0018 ss: 0018 Dec 21 06:57:02 theseus kernel: Process kjournald (pid: 11, stackpage=f7de9000) Dec 21 06:57:02 theseus kernel: Stack: c0257500 c02558c6 c025583d 024b c02558a9 f6c46660 c0166173 f7ecc660 Dec 21 06:57:02 theseus kernel:f6c46660 cd59ce60 e03fdc10 c0165b6f e03fdc10 e03fdc10 c01660fb e03fdc10 Dec 21 06:57:02 theseus kernel:0012 f19f0540 f19f0540 f19f0d40 f7ecc660 f7ecc660 c01643ef Dec 21 06:57:02 theseus kernel: Call Trace:[] [] [] [] [] Dec 21 06:57:02 theseus kernel: [] [] [] [] [] [] Dec 21 06:57:02 theseus kernel: [] [] Dec 21 06:57:02 theseus kernel: Code: 0f 0b 4b 02 3d 58 25 c0 83 c4 14 8b 53 1c 85 d2 74 29 68 a0 >>EIP; c01662ec <__journal_drop_transaction+5c/282> <= Trace; c0166173 <__journal_remove_checkpoint+53/80> Trace; c0165b6f <__try_to_free_cp_buf+1f/40> Trace; c01660fb <__journal_clean_checkpoint_list+5b/80> Trace; c01643ef Trace; c020036c Trace; c0109cea Trace; c011a94b Trace; c0109e9c Trace; c01142c3 Trace; c0166e26 Trace; c0166d00 Trace; c0107136 Trace; c0166d20 Code; c01662ec <__journal_drop_transaction+5c/282> <_EIP>: Code; c01662ec <__journal_drop_transaction+5c/282> <= 0: 0f 0b ud2a <= Code; c01662ee <__journal_drop_transaction+5e/282> 2: 4bdec%ebx Code; c01662ef <__journal_drop_transaction+5f/282> 3: 02 3d 58 25 c0 83 add0x83c02558,%bh Code; c01662f5 <__journal_drop_transaction+65/282> 9: c4 14 8b les(%ebx,%ecx,4),%edx Code; c01662f8 <__journal_drop_transaction+68/282> c: 53push %ebx Code; c01662f9 <__journal_drop_transaction+69/282> d: 1c 85 sbb$0x85,%al Code; c01662fb <__journal_drop_transaction+6b/282>
[LARTC] 1000's of classes and filters
Hi, More than 1000's of classes and filters gets created/deleted in run time. Are we doing it correctly( as our requirement is such). Since few days we are facing lots of problems, like the server gets hanged, we get some junk messages in our logs. we have to reboot our server every now and then. What is the max limit of classes/filters can be created. we are using redhat 7.3. Can any body suggest why is this hapenning. Is any thing to do with tc, we are also using IPtables (but not for shaping). Regards Jayesh - Still single? Click here to find the perfect match. http://www.bharatmatrimony.com/cgi-bin/bmclicks1.cgi?141 ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] example clarification needed
Hi, I have a parent class 1:1 with rate=ceil=64kbit i create 3 classes under it(1:1). class 1:2 rate=ceil=32kbit class 1:3 rate=ceil=16kbit class 1:4 rate=ceil=16kbit if 64kbit traffic is flowing from the cable all the 3 classes will get their respective shape. 1 .if only 32kbit data is flowing(for some reason). a. Then how will the traffic gets distributed.? b. Is it in first come first serve bases or gets equally distributed.if distributed equally then what is the logic behind it. 2. if more than 64kbit is flowing then what happens ? Regards Jayesh - Still single? Click here to find the perfect match. http://www.bharatmatrimony.com/cgi-bin/bmclicks1.cgi?141 ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] tool to monitor HTB class utilisation
Hi, can any body suggest any tool which can show the utilisation for individual classes for HTB. preferable written in C/or shell script. Regards Jayesh - Still single? Click here to find the perfect match. http://www.bharatmatrimony.com/cgi-bin/bmclicks1.cgi?141 ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] sum of child rates exceeds parent rate
Hi, i have created a parent class with 45Meg rate/ceiling Note : The actual traffic flowing via that pc is around 6Meg to 15Meg I assume the problem will come only when the traffic is more than 45Meg. Now if i create child classes whose sum of rates crosses more than 45Meg ? 1.How that tc behaves. 2.Will this affect browsing. Pls let me know this details Regards Jayesh - Still single? Click here to find the perfect match. http://www.bharatmatrimony.com/cgi-bin/bmclicks1.cgi?141 ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] htb info needed
Hi, Want to know few things abt tc rules getting stored. 1.When a tc rule is added where does tc store it( in memory or in some flat file or some DB). 2.When the rules are added does it do any I/O operations. Regards Jayesh - Still single? Click here to find the perfect match. http://www.bharatmatrimony.com/cgi-bin/bmclicks1.cgi?141 ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] setting quantum values
Hi, when we add a class we get an error "HTB Quantum too small,or too big" i read in docum.org that we need to set the quantun value which should be >1500 and <6. but i need to add classes with diff type of rates. eg : Min : 32 kbit and Max : 512 kbit. now in this case how do i set my quantum value which satifies all types of rates. Pls let me know,This is very urgent for me. Regadrs Jayesh - Still single? Click here to find the perfect match. http://www.bharatmatrimony.com/cgi-bin/bmclicks1.cgi?141 ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
[LARTC] HTB filters - pls help me
Hi, we r using HTB algorithm,for traffic shaping, we are facing a problem. we are able to create multiple classes,filters. But when we delete 1 filter all filter gets deleted. how do we avoid that. waiting for you reply Regards Jayesh - Shop & Save at Sifymall.com! Special Festive Offers - up to 60% off on DVD players, MP3 Players. Mobile phones and more. Click here: http://sify.com/deals ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/