On Mon, Dec 05, 2016 at 01:26:28PM -0500, Stefan Monnier wrote:
> I've been looking at the traffic shaping documentation but can't find
> the answer there: the "simple traffic shaping" seems to only be able to
> limit bandwidth on a whole interface (I only want to limit bandwidth to
> some of the machines on my wifi network), and the complex traffic
> shaping is flying way above my head.
>
> Could anyone give me some hint how I would go about limiting the
> bandwidth used by machine 192.168.1.16 (for example, or even by all the
> machines in the 192.168.1.16/28 subnet) without affecting other machines
> on the same wlan0 interface?
It's not as bad as it looks.
tcdevices:
## set to something useful for your ISP if shaping external interface
eth1 - 1000mbit
/etc/shorewall/mangle:
MARK(0x2):T 192.168.1.0/28 -
/etc/shorewall/tcclasses
eth1 1 100kbps full 2 default
eth1 2 100kbps 100kbps 1 -
Note, see documentation regarding these details:
incoming traffic can't be shaped;
prioritize TCP ACK or SSH or ...
also see documentation for "flow=dst"
See also shorewall.conf:
TC_ENABLED=Internal, TC_EXPERT=No, FORWARD_CLEAR_MARK,
MARK_IN_FORWARD_CHAIN,
MASK_BITS (previously: WIDE_TC_MARKS, HIGH_ROUTE_MARKS).
Justin
------------------------------------------------------------------------------
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
