Re: [LARTC] shaping on tcp ports
On Wednesday 29 December 2004 13:50, Paras pradhan wrote: hi all: the following scipt is wokring perfectly with limiting ...on limimitng per ip basis.. eth0=public static ip eth2= private ip ( 192.168.2.1) -- iptables -t mangle -A POSTROUTING -s ! 192.168.0.0/32 -d 192.168.2.101/32 -j MARK --set-mark 21012 tc class add dev eth2 parent 1:1 classid 1:2101 htb rate 32kbit ceil 64kbit tc filter add dev eth2 parent 1:0 protocol ip prio 2 handle 21012 fw classid 1:2101 tc qdisc add dev eth2 parent 1:2101 handle 2101: sfq perturb 10 - Now what i am trying to do is... limiting 192.168.2.101 75% for httpd and 25% to rest.. what i have to do? i am confused on iptables marking as well.. You need 2 htb classes, 1 for httpd and 1 for the rest. And you need 2 iptables rules, 1 to mark httpd and 1 to mark the rest. And you need 2 filter rules, 1 to put the marked httpd traffic in the httpd class and to put the other traffic in the other class. Stef ___ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ how do we mark in single iptables line using for ex: --dport 21 and -d 192.168.3.88 or have to do seperatly. Thanks Paras. Paras pradhan Systems Dept. Bajranet PVT LTD Kathmandu Nepal. ___ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] shaping on tcp ports
On Friday 31 December 2004 12:44, Paras pradhan wrote: how do we mark in single iptables line using for ex: --dport 21 and -d 192.168.3.88 or have to do seperatly. I'm not sure if you can do it in 1 command. Just try it out. Stef ___ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] shaping on tcp ports
On Wednesday 29 December 2004 13:50, Paras pradhan wrote: hi all: the following scipt is wokring perfectly with limiting ...on limimitng per ip basis.. eth0=public static ip eth2= private ip ( 192.168.2.1) -- iptables -t mangle -A POSTROUTING -s ! 192.168.0.0/32 -d 192.168.2.101/32 -j MARK --set-mark 21012 tc class add dev eth2 parent 1:1 classid 1:2101 htb rate 32kbit ceil 64kbit tc filter add dev eth2 parent 1:0 protocol ip prio 2 handle 21012 fw classid 1:2101 tc qdisc add dev eth2 parent 1:2101 handle 2101: sfq perturb 10 - Now what i am trying to do is... limiting 192.168.2.101 75% for httpd and 25% to rest.. what i have to do? i am confused on iptables marking as well.. You need 2 htb classes, 1 for httpd and 1 for the rest. And you need 2 iptables rules, 1 to mark httpd and 1 to mark the rest. And you need 2 filter rules, 1 to put the marked httpd traffic in the httpd class and to put the other traffic in the other class. Stef ___ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/