On Thu, Aug 04, 2005 at 10:06:04PM +0200, Evert Meulie wrote:
> Since Freenet uses random ports for outgoing traffic, I can't really 
> shape it on my firewall either. (I do have an option to shape traffic 
> based on packet content. Do all Freenet packages have some common, 
> unique content perhaps?)
> The Freenet site suggested to control the bandwidth usage on the 
> OS-level instead. Who can tell me how to do this?

On linux you can tag packets with the iptables MARK target based on
uid or pid, and then use tc (from iproute2) filters to select only the
marked packets. No icky looking inside packets required. 

If you're shaping traffic on a different machine than the one running
freenet it's slightly more complicated, as the iptables MARKs don't go
out on the network, they're just there while the local machine is
juggling the packet. What I do is encode the appropriate policy in the
TOS header with --set-tos in the mangle table based on a MARK I set
based on the uid. Then, on the machine that does the traffic shaping
you just prioritise or drop based on the tos field, optionally
resetting it before pushing it out on the wire.

Similar facilities are available on many other OSes.

Frank v Waveren                                  Key fingerprint: BDD7 D61E
[EMAIL PROTECTED]                                              5D39 CF05 4BFC 
Public key: hkp://wwwkeys.pgp.net/468D62C8              FA00 7D51 468D 62C8

Attachment: signature.asc
Description: Digital signature

Support mailing list
Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support

Reply via email to