Ismael Milach da Silveira wrote: > ############################## > So you want: > 1 192.168.200.1 0.0.0.0/0 all > Similarly, traffic forwarded TO 192.168.200.1 will be coming FROM eth0 > and going > TO eth1. So you want: > 3 0.0.0.0/0 192.168.200.1 all > Those are the only two rules you need for forwarded traffic. > ############################ > > Ok, the dump with that config is attached... I had done that already > last week :-) > > ############################################# > [EMAIL PROTECTED] doctor]$ scp > [EMAIL PROTECTED]:/home/doctor/thunderbird.tar.gz . > Password: > thunderbird.tar.gz 6% 20MB 52.8KB/s 1:36:01 > ############################################## >
Ok.
Your rules are now marking correctly:
Chain tcfor (1 references)
pkts bytes target prot opt in out source destination
3744 209K MARK all -- * * 192.168.200.1 0.0.0.0/0
MARK set 0x1
6650 9851K MARK all -- * * 0.0.0.0/0
192.168.200.1 MARK set 0x3
Chain tcout (1 references)
pkts bytes target prot opt in out source destination
194 10568 MARK all -- * * 0.0.0.0/0
192.168.200.1 MARK set 0x3
Chain tcpost (1 references)
pkts bytes target prot opt in out source destination
3744 209K CLASSIFY all -- * eth0 0.0.0.0/0 0.0.0.0/0
MARK match 0x1/0xff CLASSIFY set 1:11
0 0 CLASSIFY all -- * eth0 0.0.0.0/0 0.0.0.0/0
MARK match 0x2/0xff CLASSIFY set 1:12
6844 9862K CLASSIFY all -- * eth1 0.0.0.0/0 0.0.0.0/0
MARK match 0x3/0xff CLASSIFY set 2:13
0 0 CLASSIFY all -- * eth1 0.0.0.0/0 0.0.0.0/0
MARK match 0x4/0xff CLASSIFY set 2:14
In particular, 6844 forwarded packets to 192.168.200.1 were classified with
2:13.
From the TC information:
class htb 2:13 parent 2:1 leaf 13: prio 2 quantum 12288 rate 1024Kbit ceil
2048Kbit burst 1627b/8 mpu 0b overhead 0b cburst 1755b/8 mpu 0b overhead 0b
level 0
-------------
Sent 9982131 bytes 6861 pkts (dropped 0, overlimits 0)
rate 481776bit 41pps
--------------
lended: 6861 borrowed: 0 giants: 0
tokens: 928 ctokens: 976
The ceiling for class 2:13 is 2 Mbit/second; you are seeing a transfer rate of
52.8 Kilobytes or approximately .4 Mbit/second (actually 481,776 bites per
second -- see above) which is much less than 2 Mbit/second.
So, what problem are you reporting?
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ [EMAIL PROTECTED]
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
