sávszélesség korlátozás mindkét irányban

[email protected] Fri, 12 Jun 2009 02:27:08 -0700

Sziasztok!

Szeretnek savszelesseg korlatozast csinalni letoltes es feltoltes 
iranyban. A letoltes irany mar mukodik, igy:


---

tc qdisc del dev eth1 root &> /dev/null
tc qdisc add dev eth1 root handle 1:0 htb default 50
tc class add dev eth1 parent 1:0 classid 1:1 htb rate 2000kbps

tc class add dev eth1 parent 1:1 classid 1:10 htb rate 100kbps ceil 
1500kbps prio 1
tc class add dev eth1 parent 1:1 classid 1:20 htb rate 500kbps ceil 
1500kbps prio 2
tc class add dev eth1 parent 1:1 classid 1:30 htb rate 50kbps ceil 
500kbps prio 3
tc class add dev eth1 parent 1:1 classid 1:40 htb rate 50kbps ceil 
50kbps prio 4
tc class add dev eth1 parent 1:1 classid 1:50 htb rate 500kbps ceil 
1500kbps prio 5

tc qdisc  add dev eth1 parent 1:10 handle  10:  sfq perturb 10
tc qdisc  add dev eth1 parent 1:20 handle  20:  sfq perturb 10
tc qdisc  add dev eth1 parent 1:30 handle  30:  sfq perturb 10
tc qdisc  add dev eth1 parent 1:40 handle  40:  sfq perturb 10
tc qdisc  add dev eth1 parent 1:50 handle  50:  sfq perturb 10

tc filter add dev eth1 protocol ip parent 1:0 prio 1 handle 1 fw flowid 1:10
tc filter add dev eth1 protocol ip parent 1:0 prio 1 handle 2 fw flowid 1:20
tc filter add dev eth1 protocol ip parent 1:0 prio 1 handle 3 fw flowid 1:30
tc filter add dev eth1 protocol ip parent 1:0 prio 1 handle 4 fw flowid 1:40
tc filter add dev eth1 protocol ip parent 1:0 prio 1 handle 5 fw flowid 1:50

iptables -F -t mangle
iptables -F FORWARD

iptables -t mangle -A POSTROUTING -p icmp -j MARK --set-mark 1
iptables -t mangle -A POSTROUTING -p udp --sport 53 -j MARK --set-mark 1
iptables -t mangle -A POSTROUTING -p udp --dport 53 -j MARK --set-mark 1
iptables -t mangle -A POSTROUTING -p tcp --sport 22 -j MARK --set-mark 1
iptables -t mangle -A POSTROUTING -p tcp --dport 22 -j MARK --set-mark 1
iptables -t mangle -A POSTROUTING -p tcp -m multiport --sport 80,443 -j 
MARK --set-mark 2
iptables -t mangle -A POSTROUTING -p tcp -m multiport --dport 80,443 -j 
MARK --set-mark 2

iptables -t mangle -A POSTROUTING -m layer7 --l7proto bittorrent -j MARK 
--set-mark 4
iptables -t mangle -A POSTROUTING -m layer7 --l7proto bittorrent -j MARK 
--set-mark 4
iptables -t mangle -A POSTROUTING -p tcp -s 192.168.1.54/32 -m layer7 
--l7proto bittorrent -j MARK --set-mark 3
iptables -t mangle -A POSTROUTING -p tcp -d 192.168.1.54/32 -m layer7 
--l7proto bittorrent -j MARK --set-mark 3

---

Olvastam, hogy a download/upload iranyt igy celszeru megcsinalni tc-vel:

tc qdisc add dev $IF root handle 1: htb default 30
tc class add dev $IF parent 1: classid 1:1 htb rate 1mbit
tc class add dev $IF parent 1: classid 1:2 htb rate 1mbit
tc filter add dev $IF protocol ip parent 1:0 prio 1 u32 match ip dst $IP/32 
flowid 1:1
tc filter add dev $IF protocol ip parent 1:0 prio 1 u32 match ip src $IP/32 
flowid 1:2

---

Ezt probaltam beletenni az elso mukodo parancsok koze:

tc qdisc del dev eth1 root &> /dev/null
tc qdisc add dev eth1 root handle 1:0 htb default 50
tc class add dev eth1 parent 1:0 classid 1:1 htb rate 2000kbps
tc class add dev eth1 parent 1:0 classid 1:2 htb rate 100kbps

tc class add dev eth1 parent 1:1 classid 1:10 htb rate 100kbps ceil 
1500kbps prio 1
tc class add dev eth1 parent 1:1 classid 1:20 htb rate 500kbps ceil 
1500kbps prio 2
tc class add dev eth1 parent 1:1 classid 1:30 htb rate 50kbps ceil 
50kbps prio 3
tc class add dev eth1 parent 1:1 classid 1:40 htb rate 50kbps ceil 
50kbps prio 4
tc class add dev eth1 parent 1:1 classid 1:50 htb rate 500kbps ceil 
1500kbps prio 5

tc qdisc  add dev eth1 parent 1:10 handle  10:  sfq perturb 10
tc qdisc  add dev eth1 parent 1:20 handle  20:  sfq perturb 10
tc qdisc  add dev eth1 parent 1:30 handle  30:  sfq perturb 10
tc qdisc  add dev eth1 parent 1:40 handle  40:  sfq perturb 10
tc qdisc  add dev eth1 parent 1:50 handle  50:  sfq perturb 10

tc filter add dev eth1 protocol ip parent 1:0 prio 1 u32 match ip dst 
192.168.1.21 flowid 1:1
tc filter add dev eth1 protocol ip parent 1:0 prio 1 u32 match ip src 
192.168.1.21 flowid 1:2

tc filter add dev eth1 protocol ip parent 1:0 prio 1 handle 1 fw flowid 1:10
tc filter add dev eth1 protocol ip parent 1:0 prio 1 handle 2 fw flowid 1:20
tc filter add dev eth1 protocol ip parent 1:0 prio 1 handle 3 fw flowid 1:30
tc filter add dev eth1 protocol ip parent 1:0 prio 1 handle 4 fw flowid 1:40
tc filter add dev eth1 protocol ip parent 1:0 prio 1 handle 5 fw flowid 1:50

iptables -F -t mangle
iptables -F FORWARD

iptables -t mangle -A POSTROUTING -p icmp -j MARK --set-mark 1
iptables -t mangle -A POSTROUTING -p udp --sport 53 -j MARK --set-mark 1
iptables -t mangle -A POSTROUTING -p udp --dport 53 -j MARK --set-mark 1
iptables -t mangle -A POSTROUTING -p tcp --sport 22 -j MARK --set-mark 1
iptables -t mangle -A POSTROUTING -p tcp --dport 22 -j MARK --set-mark 1
iptables -t mangle -A POSTROUTING -p tcp -m multiport --sport 80,443 -j 
MARK --set-mark 2
iptables -t mangle -A POSTROUTING -p tcp -m multiport --dport 80,443 -j 
MARK --set-mark 2

iptables -t mangle -A POSTROUTING -m layer7 --l7proto bittorrent -j MARK 
--set-mark 4
iptables -t mangle -A POSTROUTING -m layer7 --l7proto bittorrent -j MARK 
--set-mark 4
iptables -t mangle -A POSTROUTING -p tcp -s 192.168.1.54/32 -m layer7 
--l7proto bittorrent -j MARK --set-mark 3
iptables -t mangle -A POSTROUTING -p tcp -d 192.168.1.54/32 -m layer7 
--l7proto bittorrent -j MARK --set-mark 3

---

Tuti, hogy azzal van baj, hogy tc filer-nel, mar van 1:0 class. Raadasul 
hibat is dob az utolso 5db tc filter sorrnal...

Van valakinek tippje, hogy kellene alakitani a classokat ez esetben?


Udv.,
Tom

_________________________________________________
linux lista      -      [email protected]
http://mlf2.linux.rulez.org/mailman/listinfo/linux

sávszélesség korlátozás mindkét irányban

válasz