Ok, I'll try to be more specific this time :-) Server's external interface is eth0 Server's internal iface is eth1 I have squid running on the server.
192.168.200.1 is the local machine I'm testing the rules now.I have a 512 kbps link that I want to optimize, the main objective will be later to reserve 256-512 to VPN and "0"-256 to the rest, but now the only thing I want to accomplish is to have a default rule with no limitations and to have an exception to this rule (applied to 192.168.200.1) limitting the bandwidth usage to 256. I'm trying to limit download...upload really doesn't matter (for now at least, will be important later).
look what I tried to do now, I put a rule limitting all traffic to port 80 to 256, the rest is free...
1 and 2 refer to eth0 (external), 3 and 4 to eth1 (local) tcrules ####################################### 1 0.0.0.0/0 0.0.0.0/0 tcp 80 2 0.0.0.0/0 0.0.0.0/0 all 3 0.0.0.0/0 0.0.0.0/0 tcp 80 4 0.0.0.0/0 0.0.0.0/0 all ###################################### tcclasses ############################### eth0 1 128kbps 256kbps 2 eth0 2 full full 1 default eth1 3 128kbps 256kbps 2 eth1 4 full full 1 default ############################## tcdevices ################################### eth0 512kbit 512kbit eth1 100000kbit 100000kbit ################################### tried the connection from 192.168.200.1 (local machine) ##################################### [EMAIL PROTECTED] doctor]$ wget www.doctornet.com.br/matrix.zip --09:05:16-- http://www.doctornet.com.br/matrix.zip => `matrix.zip.11' Resolving www.doctornet.com.br... done. Connecting to www.doctornet.com.br[201.3.160.245]:80... connected. HTTP request sent, awaiting response... 200 OK Length: 199,947,030 [application/zip]0% [ ] 249,152 59.37K/s ETA 54:44
###################################### It is attached here as status80.txt.bz2 Oh, I did the upgrade. #### sudint:/etc/shorewall# shorewall version 3.2.6 ###----- Original Message ----- From: "Tom Eastep" <[EMAIL PROTECTED]>
To: "Shorewall Users" <[email protected]> Sent: Friday, December 29, 2006 6:13 PM Subject: Re: [Shorewall-users] TC - not marking correctly
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of ITJoin SourceForge.net's Techsay panel and you'll get the chance to share youropinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
--------------------------------------------------------------------------------
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
status80.txt.bz2
Description: Binary data
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
