Hi, excellent source for Internet traffic shaping
http://www.trekweb.com/~jasonb/articles/traffic_shaping/scenarios.html http://www.trekweb.com/~jasonb/articles/traffic_shaping/classflows.html#iptu32 but please tell me how to control Wifi traffic to a number of clients. Is netstat, nload a good solution ? Just need to write basic shell script to count a number of Wifi /www clients (netstat -a > parser ) and have a tool, command, script to share Wifi bandwidth between Wifi/ www clients What I see promising in iptables is dstlimit This module allows you to limit the packet per second (pps) rate on a per destination IP or per destination port base. As opposed to the `limit' match, every destination ip / destination port has it's own limit. --dstlimit avg Maximum average match rate (packets per second unless followed by /sec /minute /hour /day postfixes). --dstlimit-mode mode The limiting hashmode. Is the specified limit per dstip, dstip-dstport tuple, srcip-dstip tuple, or per srcipdstip-dstport tuple. --dstlimit-name name Name for /proc/net/ipt_dstlimit/* file entry [--dstlimit-burst burst] Number of packets to match in a burst. Default: 5 [--dstlimit-htable-size size] Number of buckets in the hashtable [--dstlimit-htable-max max] Maximum number of entries in the hashtable [--dstlimit-htable-gcinterval interval] Interval between garbage collection runs of the hashtable (in miliseconds). Default is 1000 (1 second). [--dstlimit-htable-expire time After which time are idle entries expired from hashtable (in miliseconds)? Default is 10000 (10 seconds). ________ fuzzy This module matches a rate limit based on a fuzzy logic controller [FLC] --lower-limit number Specifies the lower limit (in packets per second). --upper-limit number Specifies the upper limit (in packets per second). __ geoip Match a packet by its source or destination country. [!] --src-cc, --source-country country[,country,country,...] Match packet coming from (one of) the specified country(ies) [!] --dst-cc, --destination-country country[,country,country,...] Match packet going to (one of) the specified country(ies) NOTE: The country is inputed by its ISO3166 code. The only extra files you need is a binary db (geoipdb.bin) & its index file (geoipdb.idx). Both files are generated from a countries & subnets database with the csv2bin tool, available at www.cookinglinux.org/geoip/. Both files MUST also be moved in /var/geoip/ as the shared library is statically looking for that pathname (ex.: /var/geoip/geoipdb.bin). ___ limit This module matches at a limited rate using a token bucket filter. A rule using this extension will match until this limit is reached (unless the `!' flag is used). It can be used in combination with the LOG target to give limited logging, for example. --limit rate Maximum average matching rate: specified as a number, with an optional `/second', `/minute', `/hour', or `/day' suffix; the default is 3/hour. --limit-burst number Maximum initial number of packets to match: this number gets recharged by one every time the limit specified above is not reached, up to this number; the default is 5. __ mac --mac-source [!] address Match source MAC address. It must be of the form XX:XX:XX:XX:XX:XX. Note that this only makes sense for packets coming from an Ethernet device and entering the PREROUTING, FORWARD or INPUT chains. _ Ok. What I need now is your advice how to put the above together into a nice, basic shell script. Dstlimit is ok but I need to limit Originated IP (DHCP assigned) for each specific client's IP. thanks Darius Send instant messages to your online friends http://uk.messenger.yahoo.com _______________________________________________ maemo-developers mailing list maemo-developers@maemo.org https://lists.maemo.org/mailman/listinfo/maemo-developers
