Hi, I have just created a new linux firewall for home use with CentOS 6.3 x64 minimal install and the following:
Shorewall (2 interface) Dansguardian Squid I also have DHCPd and BIND9 running on there. It looks something like this http://i.imgur.com/t0LTi.png I would like to implement a simple traffic control and I've thought of two possible configs: 1) 10.0.0.50 (my PC) has guaranteed bandwidth of 1mbit. I also want to limit total download bandwidth to a group of sites defined as video sites (e.g. youtube.com, vimeo.com, etc) to 1mbit across the network. I have spent quite a long time looking for examples on the internet but haven't found much to help me. 2) give video sites and file downloads low priority over normal web browsing and DNS, instead of limiting them to 1mbit in 1). http://www.ckollars.org/shaping.html did inspire me to think of something like this: ** high priority DNS queries webmail (sites gmail, hotmail) mail ports IMAP POP3 SMTP skype ** normal priority normal web browsing ** low priority bit torrent video websites (youtube.com, vimeo.com, etc) ftp and http downloading of large files I'm really not sure whether I should be using Shorewall simple traffic control or complex traffic control, and I'm not really sure how to configure it. If someone could show me some examples or how I could do it, I'd much appreciate it. My config files shorewall.conf http://pastebin.com/CqchttsF interfaces http://pastebin.com/RCf7NzFP zones http://pastebin.com/mr9hRpSG policy http://pastebin.com/EBRfPV4g rules http://pastebin.com/9mhcmYVV masq http://pastebin.com/sRrKENb1 tcdevices http://pastebin.com/VrYA0024 tcinterfaces http://pastebin.com/dutZUmaR tcpri http://pastebin.com/qddPSxxT Blank config files: tcrules tcclasses tcfilters tos tunnels params If you have any other comments on my config, I would appreciate those too! Thanks, Mark ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
