Re: [LARTC] wondershaper + htb prio + qdisc prio

Tue, 31 Dec 2002 02:50:53 -0800 

But you are not listening to what I and others have been saying. Forget
about the ICMP pings! They don't mean nothing!

Use the script I attached (change a few settings, like your own speeds,
interface and executables, speeds are in kbit!). Then use the following
iptables rules:

(eth0=my internet-interface, eth2=my LAN interface, change if needed !)

# ICMP packets have an even higher priority (so you can test it with ping,
but this doesn't help CounterStrike at all!)
# Don't do massive pings/traceroutes because that would choke other traffic
(including CS)!
iptables -I PREROUTING -t mangle -i eth2 -j MARK --set-mark 1 -p ICMP
iptables -I OUTPUT     -t mangle -o eth0 -j MARK --set-mark 1 -p ICMP
# And here's Counter Strike:
# if you want you could add:  -m multiport --destination-port 27000:27050
iptables -I PREROUTING -t mangle -i eth2 -j MARK --set-mark 1 -p
DP  --source-port 27005

# ACK Packets get higher priority than 'normal' packets
iptables -I PREROUTING -t mangle -i eth2 -j MARK --set-mark 2 -p TCP -m
length --length 0:100
iptables -I OUTPUT     -t mangle -o eth0 -j MARK --set-mark 2 -p TCP -m
length --length 0:100

And add some more yourself, remember:
- All rules are tested for each packet: MARK does _not_ stop like ACCEPT and
RETURN do.
- Therefore the order in which you place these rules is important.
- Rules are inserted (-I) in the table, so eventually (use iptables -L -n)
the rules will be 'upside down' in the table.
- Thus higher priorities rules (lower MARK numbers) should go first in your
script, otherwise they might be overruled by later rules.

Jannes Faber

----- Original Message -----
From: "Ciprian Niculescu" <[EMAIL PROTECTED]>
To: "Tornado" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, December 31, 2002 12:23 AM
Subject: Re: [LARTC] wondershaper + htb prio + qdisc prio


> On Mon, 30 Dec 2002 22:22:28 +0100, "Tornado"
> <[EMAIL PROTECTED]> said:
> > > >
> > > this is what i try, beacouse i dont realy play the game, i generate
> > > trafic to saturate the link, and ping from shell from an externat host
> >
> > In which case, you should check if your downstream is not chocking. Even
> > if
> > you shape outgoing packets, you can still get get bad pings, if your
> > downstream is running at max.
>
> no a 1Mbit trafic on a 5M no chocking :))))
>
> C
>

Attachment: tcstart.sh
Description: Binary data

Reply via email to