You are not logged in.
# tc -s qdisc
qdisc pfifo_fast 0: dev eth0 root bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
Sent 10916664890 bytes 41994841 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
qdisc pfifo_fast 0: dev eth1 root bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
Sent 32798252003 bytes 29291397 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
qdisc htb 1: dev ppp0 root r2q 10 default 25 direct_packets_stat 1
Sent 7653093139 bytes 34667292 pkt (dropped 0, overlimits 6391391 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
qdisc sfq 20: dev ppp0 parent 1:20 limit 127p quantum 1500000b
Sent 924873152 bytes 21160621 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
qdisc sfq 21: dev ppp0 parent 1:21 limit 127p quantum 1500000b
Sent 102185893 bytes 1280371 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
qdisc sfq 22: dev ppp0 parent 1:22 limit 127p quantum 1504b perturb 100sec
Sent 132509784 bytes 1610640 pkt (dropped 6650, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
qdisc sfq 23: dev ppp0 parent 1:23 limit 127p quantum 1504b perturb 100sec
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
qdisc sfq 24: dev ppp0 parent 1:24 limit 127p quantum 1504b perturb 100sec
Sent 928645850 bytes 4767392 pkt (dropped 53, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
qdisc sfq 25: dev ppp0 parent 1:25 limit 127p quantum 1504b perturb 100sec
Sent 484 bytes 10 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
qdisc sfq 26: dev ppp0 parent 1:26 limit 127p quantum 1504b perturb 100sec
Sent 5564877936 bytes 5848257 pkt (dropped 2, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
# tc -s class ls dev ppp0
class htb 1:22 parent 1:1 leaf 22: prio 2 rate 65000bit ceil 460000bit burst 1680b cburst 2174b
Sent 132527959 bytes 1610840 pkt (dropped 0, overlimits 0 requeues 0)
rate 352bit 0pps backlog 0b 0p requeues 0
lended: 1544937 borrowed: 65903 giants: 0
tokens: 197235 ctokens: 36261class htb 1:23 parent 1:1 leaf 23: prio 3 rate 65000bit ceil 460000bit burst 1680b cburst 2174b
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
lended: 0 borrowed: 0 giants: 0
tokens: 202042 ctokens: 36939
class htb 1:1 root rate 460000bit ceil 460000bit burst 2174b cburst 2174b
Sent 7657411670 bytes 34713921 pkt (dropped 0, overlimits 0 requeues 0)
rate 159200bit 218pps backlog 0b 0p requeues 0
lended: 5850158 borrowed: 0 giants: 0
tokens: 28244 ctokens: 28244
class htb 1:20 parent 1:1 leaf 20: prio 0 rate 65000bit ceil 460000bit burst 1680b cburst 1499b
Sent 925871908 bytes 21183044 pkt (dropped 0, overlimits 0 requeues 0)
rate 39208bit 110pps backlog 0b 0p requeues 0
lended: 21183030 borrowed: 14 giants: 0
tokens: 173557 ctokens: 24796
class htb 1:21 parent 1:1 leaf 21: prio 1 rate 65000bit ceil 460000bit burst 1680b cburst 1499b
Sent 102625806 bytes 1285531 pkt (dropped 0, overlimits 0 requeues 0)
rate 15816bit 23pps backlog 0b 0p requeues 0
lended: 1279973 borrowed: 5558 giants: 0
tokens: 181399 ctokens: 22995
class htb 1:26 parent 1:1 leaf 26: prio 6 rate 65000bit ceil 460000bit burst 1680b cburst 2174b
Sent 5565274438 bytes 5851244 pkt (dropped 0, overlimits 0 requeues 0)
rate 11192bit 14pps backlog 0b 0p requeues 0
lended: 2785256 borrowed: 3065988 giants: 0
tokens: 142309 ctokens: 29222
class htb 1:24 parent 1:1 leaf 24: prio 4 rate 65000bit ceil 460000bit burst 1680b cburst 2174b
Sent 931235768 bytes 4783252 pkt (dropped 0, overlimits 0 requeues 0)
rate 92632bit 70pps backlog 0b 0p requeues 0
lended: 2070557 borrowed: 2712695 giants: 0
tokens: -6091 ctokens: 28244
class htb 1:25 parent 1:1 leaf 25: prio 5 rate 65000bit ceil 460000bit burst 1680b cburst 2174b
Sent 484 bytes 10 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
lended: 10 borrowed: 0 giants: 0
tokens: 172375 ctokens: 34249# tc -s filter ls dev ppp0
filter parent 1: protocol ip pref 49151 u32
filter parent 1: protocol ip pref 49151 u32 fh 801: ht divisor 1
filter parent 1: protocol ip pref 49151 u32 fh 801::800 order 2048 key ht 801 bkt 0 flowid 1:21 (rule hit 34734058 success 0)
src 1.0.0.2/32 (success 42 )
sport 8452 (success 0 )
filter parent 1: protocol ip pref 49151 u32
filter parent 1: protocol ip pref 49151 u32 fh 800: ht divisor 1
filter parent 1: protocol ip pref 49151 u32 fh 800::800 order 2048 key ht 800 bkt 0 flowid 1:20 (rule hit 34734060 success 21189556)
protocol 6 (success 26972308 )
match 05000000/0f00ffc0 at 0 (success 22289181 )
match 00100000/00ff0000 at 32 (success 21189556 )
filter parent 1: protocol ip pref 49151 fw
filter parent 1: protocol ip pref 49151 fw handle 0x1a classid 1:26
filter parent 1: protocol ip pref 49151 fw
filter parent 1: protocol ip pref 49151 fw handle 0x19 classid 1:25
filter parent 1: protocol ip pref 49151 fw
filter parent 1: protocol ip pref 49151 fw handle 0x18 classid 1:24
filter parent 1: protocol ip pref 49151 fw
filter parent 1: protocol ip pref 49151 fw handle 0x17 classid 1:23
filter parent 1: protocol ip pref 49151 fw
filter parent 1: protocol ip pref 49151 fw handle 0x16 classid 1:22
filter parent 1: protocol ip pref 49151 fw
filter parent 1: protocol ip pref 49151 fw handle 0x15 classid 1:21
filter parent 1: protocol ip pref 49152 fw
filter parent 1: protocol ip pref 49152 fw handle 0x14 classid 1:20# iptables -t mangle -L -n -v
Chain PREROUTING (policy ACCEPT 112M packets, 69G bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 95M packets, 64G bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 18M packets, 6567M bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 87M packets, 45G bytes)
pkts bytes target prot opt in out source destination
27M 6537M MARK all -- * ppp0 0.0.0.0/0 0.0.0.0/0 MARK match 0x0 MARK set 0x1a
10571 601K MARK tcp -- * ppp0 0.0.0.0/0 0.0.0.0/0 tcp dpt:6667 MARK set 0x15
Chain POSTROUTING (policy ACCEPT 104M packets, 50G bytes)
pkts bytes target prot opt in out source destination
35M 7661M MYSHAPER-OUT all -- * ppp0 0.0.0.0/0 0.0.0.0/0
Chain MYSHAPER-OUT (1 references)
pkts bytes target prot opt in out source destination
58888 2513K MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8200 MARK set 0x15
2 120 MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:2074 MARK set 0x15
249K 14M MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:8452 MARK set 0x15
1028K 88M MARK icmp -- * * 0.0.0.0/0 0.0.0.0/0 MARK set 0x15
4004 250K MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 MARK set 0x15
0 0 MARK udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:53 MARK set 0x15
983K 69M MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 MARK set 0x16
5250 5226K MARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:80 MARK set 0x1a
1597K 114M MARK all -- * * 1.0.0.2 0.0.0.0/0 MARK match 0x0 MARK set 0x16
4876K 936M MARK all -- * * 1.0.0.4 0.0.0.0/0 MARK set 0x18
0 0 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK match 0x0 MARK set 0x19that is how it looks, im gonna try to remove the -i and -o parameters and see what happens.
nothing happened, no change at all. im now making changes to your script, here it is, tell me if you approve:
estabroo.sh
#!/bin/sh
modprobe nf_nat_pptp
modprobe cls_u32
modprobe sch_htb
modprobe nfnetlink_queue
modprobe nf_conntrack_pptp
modprobe sch_htb
modprobe sch_prio
modprobe cls_u32
modprobe cls_fw
modprobe ipt_CLASSIFY
modprobe ipt_TOS
modprobe xt_MARK
modprobe xt_mark
DEV=ppp0
RATEUP=460
tc qdisc del dev $DEV root
iptables -t mangle -D POSTROUTING -o $DEV -j MYSHAPER-OUT
iptables -t mangle -F MYSHAPER-OUT
iptables -t mangle -X MYSHAPER-OUT
iptables -t mangle -F HTB_OUT
iptables -t mangle -F OUTPUT
tc qdisc replace dev $DEV root handle 1: htb default 30
tc class replace dev $DEV parent 1: classid 1:1 htb rate 890kbit burst 5k
tc class replace dev $DEV parent 1:1 classid 1:10 htb rate 300kbit ceil 890kbit burst 5k
tc class replace dev $DEV parent 1:1 classid 1:20 htb rate 300kbit ceil 800kbit burst 5k
tc class replace dev $DEV parent 1:1 classid 1:30 htb rate 290kbit ceil 800kbit burst 5k
tc qdisc replace dev $DEV parent 1:10 handle 10: sfq perturb 10
tc qdisc replace dev $DEV parent 1:20 handle 20: sfq perturb 10
tc qdisc replace dev $DEV parent 1:30 handle 30: sfq perturb 10
tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10
tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 20 fw flowid 1:20
tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 30 fw flowid 1:30
iptables -t mangle -F
iptables -t mangle -N HTB_OUT
#iptables -t mangle -I POSTROUTING -o $1 -j HTB_OUT
iptables -t mangle -I POSTROUTING -j HTB_OUT
# set the default mark, it'll get rewritten by other rules
iptables -t mangle -A HTB_OUT -j MARK --set-mark 30
# marking rules
#iptables -t mangle -A HTB_OUT -d <ip_of_voip_server1> -j MARK --set-mark 10
#iptables -t mangle -A HTB_OUT -d <ip_of_vpn_server> -j MARK --set-mark 10
iptables -t mangle -A HTB_OUT -p icmp -j MARK --set-mark 10 # ICMP (ping) - highest prio for testing
iptables -t mangle -A HTB_OUT -p tcp --dport 8200 -j MARK --set-mark 20
iptables -t mangle -A HTB_OUT -p udp --dport 2074 -j MARK --set-mark 20
iptables -t mangle -A HTB_OUT -p udp --dport 8452 -j MARK --set-mark 20
iptables -t mangle -A HTB_OUT -p udp --dport 53 -j MARK --set-mark 20 # DNS name resolution (small packets)
iptables -t mangle -A HTB_OUT -p udp --sport 53 -j MARK --set-mark 20 # DNS name resolution (small packets)
iptables -t mangle -A HTB_OUT -p tcp --dport http -j MARK --set-mark 20 # Remote web server
iptables -t mangle -A HTB_OUT -p tcp --sport http -j MARK --set-mark 30 # Local web server
iptables -t mangle -A HTB_OUT -s 1.0.0.2 -j MARK --set-mark 20
iptables -t mangle -A HTB_OUT -s 1.0.0.4 -j MARK --set-mark 30that should be right ? im gonna try to run it, btw the CLASSIFY target had no effect, but I haven't tested it without -o, though it seems like strange thing but i will try CLASSIFY also.
btw I noticed you didn't specify prio parameter to htb, how will it know which to prioritize?
anyway I was wondering if this: is correct in case I want to prioritize packets, I don't really have a need to shape anything, just a priority is good, tell me if you approve this one.
#!/bin/sh
modprobe nf_nat_pptp
modprobe cls_u32
modprobe sch_htb
modprobe nfnetlink_queue
modprobe nf_conntrack_pptp
modprobe sch_htb
modprobe sch_prio
modprobe cls_u32
modprobe cls_fw
modprobe ipt_CLASSIFY
modprobe ipt_TOS
modprobe xt_MARK
modprobe xt_mark
DEV=ppp0
RATEUP=460
tc qdisc del dev $DEV root
iptables -t mangle -D POSTROUTING -o $DEV -j MYSHAPER-OUT
iptables -t mangle -F MYSHAPER-OUT
iptables -t mangle -X MYSHAPER-OUT
iptables -t mangle -F HTB_OUT
iptables -t mangle -F OUTPUT
iptables -t mangle -F FORWARD
#tc qdisc add dev $DEV root handle 1: prio bands 3 priomap 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3
tc qdisc add dev $DEV root handle 1: prio
#tc qdisc replace dev $DEV root handle 1: htb default 30
#tc class replace dev $DEV parent 1: classid 1:1 htb rate 890kbit burst 5k
#tc class replace dev $DEV parent 1:1 classid 1:10 htb rate 300kbit ceil 890kbit burst 5k
#tc class replace dev $DEV parent 1:1 classid 1:20 htb rate 300kbit ceil 800kbit burst 5k
#tc class replace dev $DEV parent 1:1 classid 1:30 htb rate 290kbit ceil 800kbit burst 5k
#tc qdisc replace dev $DEV parent 1:1 handle 10: sfq perturb 10
#tc qdisc replace dev $DEV parent 1:2 handle 20: sfq perturb 10
#tc qdisc replace dev $DEV parent 1:3 handle 30: sfq perturb 10
tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:1
tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 20 fw flowid 1:2
tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 30 fw flowid 1:3
iptables -t mangle -F
iptables -t mangle -N HTB_OUT
#iptables -t mangle -I POSTROUTING -o $1 -j HTB_OUT
iptables -t mangle -I POSTROUTING -j HTB_OUT
iptables -t mangle -I OUTPUT -j HTB_OUT
iptables -t mangle -I FORWARD -j HTB_OUT
# set the default mark, it'll get rewritten by other rules
iptables -t mangle -A HTB_OUT -j MARK --set-mark 30
# marking rules
#iptables -t mangle -A HTB_OUT -d <ip_of_voip_server1> -j MARK --set-mark 10
#iptables -t mangle -A HTB_OUT -d <ip_of_vpn_server> -j MARK --set-mark 10
iptables -t mangle -A HTB_OUT -s 1.0.0.2 -j MARK --set-mark 20
iptables -t mangle -A HTB_OUT -s 1.0.0.4 -j MARK --set-mark 30
iptables -t mangle -A HTB_OUT -p icmp -j MARK --set-mark 10 # ICMP (ping) - highest prio for testing
iptables -t mangle -A HTB_OUT -p tcp --dport 8200 -j MARK --set-mark 20
iptables -t mangle -A HTB_OUT -p udp --dport 2074 -j MARK --set-mark 20
iptables -t mangle -A HTB_OUT -p udp --dport 8452 -j MARK --set-mark 20
iptables -t mangle -A HTB_OUT -p udp --dport 53 -j MARK --set-mark 20 # DNS name resolution (small packets)
iptables -t mangle -A HTB_OUT -p udp --sport 53 -j MARK --set-mark 20 # DNS name resolution (small packets)
iptables -t mangle -A HTB_OUT -p tcp --dport http -j MARK --set-mark 20 # Remote web server
iptables -t mangle -A HTB_OUT -p tcp --sport http -j MARK --set-mark 30 # Local web serveris there anything special that needs to be done for shaping to work in arch linux ?
and is there an alternative to the LARTC mailing list because it is down ?
for additional information: http://www.linuxquestions.org/questions … lp-680335/
Last edited by monohouse (2008-11-05 01:36:01)
Offline