Hi,

I got it done, but for *http* traffic. I want to get it done for ftp
download also, but it does NOT work.

These are the rules


# enable queueing on the internal interface to control traffic coming in
# from the Internet. use the cbq scheduler to control bandwidth. max
# bandwidth is 2Mbps.

altq on em1 cbq bandwidth 2Mb queue { std_in, ssh_im_in, dns_in, student_in }

# define the parameters for the child queues.
# std_in      - the standard queue. any filter rule below that does not
#               explicitly specify a queue will have its traffic added
#               to this queue.
# ssh_im_in   - interactive SSH and various instant message traffic.
# dns_in      - DNS replies.
# student_in  - bandwidth reserved for student's workstation.
#

queue std_in     bandwidth 1.6Mb cbq(default borrow)
queue ssh_im_in  bandwidth 200Kb priority 4
queue dns_in     bandwidth 120Kb priority 5
queue student_in bandwidth 80Kb cbq


# FTP Proxy rules (*This highlighted rule in bold DOES NOT work. Any idea?*)
anchor "ftp-proxy/*"
*pass in quick on $int_if proto tcp from $student_pc to any port 21 \
    flags S/SA keep state rdr-to 127.0.0.1 port 8021 queue student_in*

pass in quick on $int_if proto tcp from $lan_net to any port 21 \
    flags S/SA keep state rdr-to 127.0.0.1 port 8021

# Squid Redirect (*This highlighted rule worked*)
*pass in quick on $int_if proto tcp from $student_pc to any port { 80 8080 } \
    flags S/SA keep state rdr-to 127.0.0.1 port 3128 queue student_in*
pass in quick on $int_if proto tcp from $lan_net to any port { 80 8080 } \
    flags S/SA keep state rdr-to 127.0.0.1 port 3128


pass in quick log on $int_if inet proto udp from $lan_net to !$int_if \
  port $clientudpports keep state queue dns_in

pass in quick log on $int_if inet proto tcp from $student_pc to !$int_if \
  port $https flags S/SA keep state queue student_in

pass in quick log on $int_if inet proto tcp from $lan_net to !$int_if \
  port $https flags S/SA keep state



I have got what I want to a certain extent. I am still trying to allocate
ftp download for student_pc to 80Kbps.

I think port 21 is for the connection to establish. It further needs ports
higher than 49151.

So I added it in this way as well.

*pass in quick on $int_if proto tcp from $student_pc to any port ( 21  > 49151 \
    flags S/SA keep state rdr-to 127.0.0.1 port 8021 queue student_in*

Still no luck?

Any idea?







-- 
Thank you
Indunil Jayasooriya
