NOC Phibee wrote: >Hi > >I am search a sample config for my linux box: > Shorewall 3.2.3 > Eth0 => Internet Access 4Mbits on ethernet > Eth1 => Lan > Eth2 => Lan 2 > Eth3 => Lan 3 > >i want limit the internet access: > Eth1 = 2 Mbits > Eth2 = 0,5 Mbits > Eth3 = 1,5 Mbits > >but if eth1 don't use 2 Mbits other lan can use it > >anyone have a simple sample config for help me ?
Do you require inbound limiting as well as outbound ? If so then it becomes a bit harder. I'll start with the outbound as that's fairly easy : There's an article on the shorewall site about configuring traffic shaping, that together with the articles at http://lartc.org/howto/lartc.cookbook.ultimate-tc.html and http://luxik.cdi.cz/~devik/qos/htb/manual/userg.htm should give you enough information to figure out how to do it. In short, you attach an HTB queue to eth0, and then define classes below that to control/shape the traffic. Inbound is a lot harder to do, and in this setup I'm not entirely certain what's required. You can only shape traffic that is leaving an interface - you CANNOT shape traffic that is coming in. In a simple two-interface box you can apply traffic shaping to the internal interface and it will have the effect of shaping the inbound traffic (I've just set this up at a clients site) - but here you have multiple interfaces. So what I suspect you need to do is create an Intermediate Queing Device (http://lartc.org/howto/lartc.imq.html). You can then apply the traffic shaping to traffic 'exiting' via this interface, and after that it can be routed out of the real interfaces. Don't forget that in these cases, you need to allow for traffic that originated either on the firewall, or from other local nets, and allow it an 'unrestricted' class so that you don't shape 'internal' traffic to the speed of your internet connection. Beyond that though, it's into territory I haven't been (yet). ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
