On Fri, 2012-01-06 at 15:18 +0100, Pavel Hladík wrote: > Hi, first of all thanks for excelent shorewall sw, which makes my job a > little bit easier. I have a problem with traffic shaping. I would like to > shape http traffic and I'm testing the shaping from local host 192.168.1.10 > by this command "wget > http://ftp.cvut.cz/centos/6.2/isos/x86_64/CentOS-6.2-x86_64-bin-DVD1.iso";, > but unfortunately I'm on the full speed of 10/10mbit link. Can you please > have a look to my status.txt where should be a problem. Thank you!
The wget command is used to *download* from a web site. Download traffic
cannot be shaped unless you use an IFB. All you can do is ingress
policing by using the IN-BANDWIDTH column of tcdevices.
Also, you have the following mark rules:
Chain tcfor (1 references)
pkts bytes target prot opt in out source
destination
0 0 MARK 80 -- * * 0.0.0.0/0
0.0.0.0/0 MARK set 0x1
79910 67M MARK all -- * * 0.0.0.0/0
0.0.0.0/0 MARK set 0x2
Download traffic has PROTO 6 (TCP) and SOURCE PORT 80; you have PROTO
80.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex infrastructure or vast IT resources to deliver seamless, secure access to virtual desktops. With this all-in-one solution, easily deploy virtual desktops for less than the cost of PCs and save 60% on VDI infrastructure costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
