hello all
Sorry for posting, but after many hours searching in several faqs , i decide to
post to find some help.
tcstart started without any boot error message
The bering pc are serving 16 pcs in my lan To share a 128K leased line.
I noticed that shaping not running , because yesterday one guys using imesh
have their downloads at 3x5k . and then surfing was verry slow.
I appreciate Any help to find whats wrong in my setting.
Thanks
i noticed also on the weblet interface,
The firewall status are in Error ( just 5min after rebooting):
firewall Firewall Status: error
You have 518 denied or rejected packets in your recent packet logs.
::Hits sorted by porttype::
hits port Service
134 80 www
119 137 netbios-ns
110 138 netbios-dgm
28 1214
27 1428
20 1900
18 28431
7 5499
7 27024
7 27023
##########################
After 1 hour : i have that
firewall Firewall Status: error
You have 2637 denied or rejected packets in your recent packet logs.
::Hits sorted by porttype::
hits port Service
422 137 netbios-ns
335 138 netbios-dgm
295 80 www
127 27015
118 27024
118 27023
118 27022
118 27021
118 27020
118 27019
118 27018
118 27017
118 27016
There are some of my Shorewall setting. ALL THE REST ARE DEFAULT
##############################################################################
Shorewall.conf
ADD_IP_ALIASES=Yes (because i am usint SNAT)
MANGLE_ENABLED=Yes
TC_ENABLED=Yes
CLEAR_TC=No
MARK_IN_FORWARD_CHAIN=Yes
##############################################################################
TCRULES:
#MARK SOURCE DEST PROTO
PORT(S) CLIENT PORT(S)
1 eth1 0.0.0.0 all
2 fw 0.0.0.0 all
3 fw 0.0.0.0 tcp 80
4 fw 0.0.0.0 tcp 20
4 fw 0.0.0.0 tcp 21
4 fw 0.0.0.0 tcp
1214 -
4 fw 0.0.0.0 tcp 4329
4 fw 0.0.0.0 tcp 4661:4665
4 fw 0.0.0.0 tcp 412
##############################################################################
TOS:
#SOURCE DEST PROTOCOL SOURCE PORTS DEST
PORTS TOS
all all tcp -
ssh 16
all all tcp ssh -
16
all all tcp -
ftp 4
all all tcp ftp -
4
all all tcp 80
80 16
all all tcp ftp-data -
2
all all tcp - ftp-
data 2
all all tcp -
1214 2
all all tcp 1214 -
2
all all tcp 4329 -
2
all all tcp -
4329 2
all all tcp 4661:4665 -
2
all all tcp -
4661:4665 2
all all tcp 412 -
2
all all tcp -
412 2
##############################################################################
RULES:
# Playing Games online : Camelot
#
ACCEPT fw net:193.252.123.0/24 tcp 1280
ACCEPT fw net:193.252.123.0/24 tcp
10500:10504
ACCEPT fw net:193.252.123.0/24 tcp
10622:10624
##############################################################################
TCSTART
run_tc qdisc add dev eth0 root handle 1: htb default 30
run_tc class add dev eth0 parent 1: classid 1:1 htb rate 128kbps ceil 128kbps
run_tc class add dev eth0 parent 1:1 classid 1:10 htb rate 72kbps ceil 128kbps
burst 2k prio 1
run_tc class add dev eth0 parent 1:1 classid 1:11 htb rate 32kbps ceil 128kbps
prio 2
run_tc class add dev eth0 parent 1:1 classid 1:12 htb rate 24kbps ceil 128kbps
prio 3
run_tc filter add dev eth0 protocol ip parent 1:0 prio 4 handle 2 fw classid
1:10
run_tc filter add dev eth0 protocol ip parent 1:0 prio 5 handle 3 fw classid
1:11
run_tc filter add dev eth0 protocol ip parent 1:0 prio 6 handle 4 fw classid
1:12
-------------------------------------------------------
This SF.net email is sponsored by: eBay
Get office equipment for less on eBay!
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
