I'm using the basic shorewall traffic shaping - I may have copied extra modules, but the config seems to work for me on 3.0RC1:
Uncommented from the /etc/modules file # # Traffic control modules sch_htb sch_sfq sch_ingress cls_fw cls_u32 My /lib/modules list: lrwxrwxrwx 1 root root 12 Apr 14 00:52 2.4.33 -> /lib/modules -rw-r--r-- 1 root root 20676 Dec 3 21:43 8139too.o -rw-r--r-- 1 root root 8504 Dec 3 21:43 8390.o -rw-r--r-- 1 root root 4072 Apr 13 21:03 cls_fw.o -rw-r--r-- 1 root root 5740 Apr 13 21:03 cls_route.o -rw-r--r-- 1 root root 5800 Apr 13 21:03 cls_rsvp.o -rw-r--r-- 1 root root 5964 Apr 13 21:03 cls_rsvp6.o -rw-r--r-- 1 root root 6040 Apr 13 21:03 cls_tcindex.o -rw-r--r-- 1 root root 6568 Apr 13 21:03 cls_u32.o -rw-r--r-- 1 root root 4300 Dec 3 21:43 crc32.o -rw-r--r-- 1 root root 26460 Dec 3 21:43 eepro100.o -rw-r--r-- 1 root root 32174 Apr 13 21:03 ip_conntrack.o -rw-r--r-- 1 root root 2904 Apr 13 21:03 ip_conntrack_amanda.o -rw-r--r-- 1 root root 5168 Apr 13 21:03 ip_conntrack_ftp.o -rw-r--r-- 1 root root 4188 Apr 13 21:03 ip_conntrack_h323.o -rw-r--r-- 1 root root 4480 Apr 13 21:03 ip_conntrack_irc.o -rw-r--r-- 1 root root 4444 Apr 13 21:03 ip_conntrack_mms.o -rw-r--r-- 1 root root 5104 Apr 13 21:03 ip_conntrack_pptp.o -rw-r--r-- 1 root root 4656 Apr 13 21:03 ip_conntrack_proto_gre.o -rw-r--r-- 1 root root 2904 Apr 13 21:03 ip_conntrack_quake3.o -rw-r--r-- 1 root root 4932 Apr 13 21:03 ip_conntrack_talk.o -rw-r--r-- 1 root root 2552 Apr 13 21:03 ip_conntrack_tftp.o -rw-r--r-- 1 root root 2236 Apr 13 21:03 ip_nat_amanda.o -rw-r--r-- 1 root root 3552 Apr 13 21:03 ip_nat_ftp.o -rw-r--r-- 1 root root 4244 Apr 13 21:03 ip_nat_h323.o -rw-r--r-- 1 root root 3072 Apr 13 21:03 ip_nat_irc.o -rw-r--r-- 1 root root 3972 Apr 13 21:03 ip_nat_mms.o -rw-r--r-- 1 root root 4104 Apr 13 21:03 ip_nat_pptp.o -rw-r--r-- 1 root root 2468 Apr 13 21:03 ip_nat_proto_gre.o -rw-r--r-- 1 root root 2992 Apr 13 21:03 ip_nat_quake3.o -rw-r--r-- 1 root root 10868 Apr 13 21:03 ip_nat_snmp_basic.o -rw-r--r-- 1 root root 4260 Apr 13 21:03 ip_nat_talk.o -rw-r--r-- 1 root root 2712 Apr 13 21:03 ip_nat_tftp.o -rw-r--r-- 1 root root 9440 Apr 13 21:03 ip_queue.o -rw-r--r-- 1 root root 2120 Apr 13 21:03 ipt_CLASSIFY.o -rw-r--r-- 1 root root 2184 Apr 13 21:03 ipt_CONNMARK.o -rw-r--r-- 1 root root 3200 Apr 13 21:03 ipt_MASQUERADE.o -rw-r--r-- 1 root root 2528 Apr 13 21:03 ipt_MIRROR.o -rw-r--r-- 1 root root 1736 Apr 13 21:03 ipt_REDIRECT.o -rw-r--r-- 1 root root 3416 Apr 13 21:03 ipt_TARPIT.o -rw-r--r-- 1 root root 1512 Apr 13 21:03 ipt_ah.o -rw-r--r-- 1 root root 2876 Apr 13 21:03 ipt_condition.o -rw-r--r-- 1 root root 1628 Apr 13 21:03 ipt_connmark.o -rw-r--r-- 1 root root 1880 Apr 13 21:03 ipt_conntrack.o -rw-r--r-- 1 root root 1516 Apr 13 21:03 ipt_esp.o -rw-r--r-- 1 root root 1684 Apr 13 21:03 ipt_helper.o -rw-r--r-- 1 root root 9284 Apr 13 21:03 ipt_ipp2p.o -rw-r--r-- 1 root root 2400 Apr 13 21:03 ipt_owner.o -rw-r--r-- 1 root root 1868 Apr 13 21:03 ipt_physdev.o -rw-r--r-- 1 root root 1672 Apr 13 21:03 ipt_quota.o -rw-r--r-- 1 root root 11620 Apr 13 21:03 ipt_recent.o -rw-r--r-- 1 root root 1424 Apr 13 21:03 ipt_state.o -rw-r--r-- 1 root root 1876 Apr 13 21:03 ipt_stealth.o -rw-r--r-- 1 root root 1780 Apr 13 21:03 ipt_ttl.o -rw-r--r-- 1 root root 24555 Apr 13 21:03 iptable_nat.o -rw-r--r-- 1 root root 4204 Dec 3 21:43 mii.o -rw-r--r-- 1 root root 9308 Dec 3 21:43 n_hdlc.o -rw-r--r-- 1 root root 21716 Dec 3 21:43 natsemi.o -rw-r--r-- 1 root root 7800 Dec 3 21:43 ne2k-pci.o -rw-r--r-- 1 root root 9900 Dec 3 21:43 ppp_async.o -rw-r--r-- 1 root root 5232 Dec 3 21:43 ppp_deflate.o -rw-r--r-- 1 root root 24360 Dec 3 21:43 ppp_generic.o -rw-r--r-- 1 root root 12841 Dec 3 21:43 ppp_mppe.o -rw-r--r-- 1 root root 8092 Dec 3 21:43 ppp_synctty.o -rw-r--r-- 1 root root 11412 Dec 3 21:43 pppoe.o -rw-r--r-- 1 root root 3400 Dec 3 21:43 pppox.o -rw-r--r-- 1 root root 15316 Apr 13 21:03 sch_cbq.o -rw-r--r-- 1 root root 5376 Apr 13 21:03 sch_csz.o -rw-r--r-- 1 root root 5960 Apr 13 21:03 sch_dsmark.o -rw-r--r-- 1 root root 6392 Apr 13 21:03 sch_gred.o -rw-r--r-- 1 root root 16764 Apr 13 21:03 sch_hfsc.o -rw-r--r-- 1 root root 22644 Apr 13 21:03 sch_htb.o -rw-r--r-- 1 root root 3420 Apr 13 21:03 sch_ingress.o -rw-r--r-- 1 root root 5772 Apr 13 21:03 sch_netem.o -rw-r--r-- 1 root root 4128 Apr 13 21:03 sch_prio.o -rw-r--r-- 1 root root 3940 Apr 13 21:03 sch_red.o -rw-r--r-- 1 root root 4524 Apr 13 21:03 sch_sfq.o -rw-r--r-- 1 root root 5028 Apr 13 21:03 sch_tbf.o -rw-r--r-- 1 root root 5576 Apr 13 21:03 sch_teql.o -rw-r--r-- 1 root root 6360 Dec 3 21:43 slhc.o -rw-r--r-- 1 root root 4180 Dec 3 21:43 softdog.o -rw-r--r-- 1 root root 6344 Dec 13 20:47 tun.o Cheers, Matt -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bob Ramstad Sent: Tuesday, April 24, 2007 2:27 PM To: leaf-user@lists.sourceforge.net Subject: [leaf-user] traffic shaping on 3.0.2 Hi there. Again, upgrading 2.4.2 to 3.0.2 and revisiting some of the issues that I ran into back when I first configured 2.4.2. I'd like to use the shorewall traffic shaping capabilities, and have some nice recipes that are working fine in 2.4.2. >From my 2.4.2 configuration, I gather that to use these capabilities I need to load qos-htb and tc packages, and also need to load all the sched modules (from my 2.4.2 config /etc/modules) ### QoS ! dir /lib/modules/2.4.32/kernel/net/sched cls_fw cls_route cls_rsvp cls_rsvp6 cls_tcindex cls_u32 sch_cbq sch_csz sch_dsmark sch_gred sch_hfsc sch_htb sch_ingress sch_netem sch_prio sch_red sch_sfq sch_tbf sch_teql I also seem to need to load ipt_connmark ipt_CONNMARK as I do some per connection marking and restoring to use ipp2p effectively. Obviously all of these modules need to be declared in /etc/modules and (apparently) copied to /lib/modules and then backed up to floppy moddb.lrp I guess my question is if this appears to be sufficient to be able to use the three traffic shaping configuration files in shorewall, or if I'm missing something. Is there any LEAF specific documentation anywhere on setting up traffic shaping? In particular, the shorewall documentation is excellent in spelling out exactly which kernel modules need to be configured when building 2.4 and 2.6, but there is no corresponding LEAF documentation which states which modules are required to have all of the traffic shaping functionality required so that shorewall will work properly. >From my end here, and again perhaps this is more of a 3.1.0 thing, the 2.4.2 method for enabling traffic shaping strikes me as cumbersome. It would be nice if loading the tc package would automatically load the appropriate modules. Same with qos-htb. Having to configure the modules and load them manually, from floppy moddb.lrp, strikes me as inefficient. -- Bob ------------------------------------------------------------------------ - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
