I've been a long-time user of Shorewall and I want to upgrade my traffic
shaping rules if possible, especially with the introduction of ifb support
in newer versions. I'm currently running 4.2, using the "Wondershaper-type"
configuration found at http://www.shorewall.net/traffic_shaping.htm based
around my own setup. Although I have been using iptables since the ipchains
days, I'm still a newbie on the usage of tc and how Shorewall uses it. This
is all just for my own home setup. The problem I'm having now is that my
upload can be saturated enough to cause extreme latency, and I wish to
prevent that without having to rely on simply throttling back the speed. I
am a residential FiOS user with a 15/2mbit plan. I have Torrent, VNC, SSH,
and HTTP servers running on the network open to the outside, and use VoIP
through BroadVoice. Here's what I'm currently using, any suggestions on what
to do or where to go to look for more info would be helpful:
#
# Shorewall version 3.4 - Tcdevices File
#
# For information about entries in this file, type "man shorewall-tcdevices"
#
# See http://shorewall.net/traffic_shaping.htm for additional information.
#
############################################################################
###
#INTERFACE IN-BANDWITH OUT-BANDWIDTH REDIRECTED
# INTERFACES
$EXT_IF 15360kbit 2048kbit
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
#
# Shorewall version 3.4 - Tcclasses File
#
# For information about entries in this file, type "man shorewall-tcclasses"
#
# See http://shorewall.net/traffic_shaping.htm for additional information.
#
############################################################################
###
#INTERFACE MARK RATE CEIL PRIORITY
OPTIONS
# VoIP
$EXT_IF 1 100kbit 180kbit 1
tos=0x68/0xfc,tos=0xb8/0xfc
$EXT_IF 2 full/4 full 2
tcp-ack,tos-minimize-delay
$EXT_IF 3 full/4 full 3
default
$EXT_IF 4 full/8 full*8/10 4
#$EXT_IF 1 100kbit 180kbit 1
tos=0x68/0xfc,tos=0xb8/0xfc
#$EXT_IF 2 full full 2
tcp-ack,tos-minimize-delay
#$EXT_IF 3 9*full/10 9*full/10 3
default
#$EXT_IF 4 8*full/10 8*full/10 3
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
# Shorewall version 3.4 - Tcrules File
#
# For information about entries in this file, type "man shorewall-tcrules"
#
# See http://shorewall.net/traffic_shaping.htm for additional information.
# For usage in selecting among multiple ISPs, see
# http://shorewall.net/MultiISP.html
#
# See http://shorewall.net/PacketMarking.html for a detailed description of
# the Netfilter/Shorewall packet marking mechanism.
#
############################################################################
###
#MARK SOURCE DEST PROTO DEST
SOURCE USER TEST LENGT$
# PORT(S)
PORT(S)
2:F 0.0.0.0/0 0.0.0.0/0 icmp echo-request
2:F 0.0.0.0/0 0.0.0.0/0 icmp echo-reply
4 $INT_IF:0.0.0.0/0 $EXT_IF:0.0.0.0/0 tcp
$PORT_WOWTORRENT,$PORT_HTTPSERVER,$PORT_TORRENT
4 $EXT_IF:0.0.0.0/0 $INT_IF:0.0.0.0/0 tcp -
$PORT_WOWTORRENT,$PORT_HTTPSERVER,$PORT_TORRENT
4 $INT_IF:0.0.0.0/0 $EXT_IF:0.0.0.0/0 udp
$PORT_TORRENT
4 $EXT_IF:0.0.0.0/0 $INT_IF:0.0.0.0/0 udp -
$PORT_TORRENT
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
------------------------------------------------------------------------------
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
