LinuxQuestions.org
Old 09-09-2004, 08:50 AM   #1
maxut
"iptables tc" limiting bandwidth for specific port


Hello all,
I want to limit the bandwidth of my qmail server (RH 8.0). I don't have another gateway because it is already the gateway for 10 boxes. I wanted to limit a specific port on my test box (Fedora 2). I am trying to do that with tc and iptables. I found something about that at http://www.szabilinux.hu/bandwidth/

I know the example on that site marks the packets in the FORWARD chain. I thought it must work for the INPUT and OUTPUT chains too. Am I wrong?
So I tried to mark output packets going to "tcp --dport 21" and input packets coming from "tcp --sport 21". It seems that didn't work.

iptables -t mangle -A INPUT -p tcp --sport 21 -j MARK --set-mark 4
iptables -t mangle -A OUTPUT -p tcp --dport 21 -j MARK --set-mark 3

Or didn't I create correct iptables rules?

Here is the tc script:
Code:
#!/bin/bash
#
#  All Rates are in Kbits, so in order to gets Bytes divide by 8
#  e.g. 25Kbps == 3.125KB/s
#
TC=/sbin/tc
DNLD=100Kbit     # DOWNLOAD Limit
DWEIGHT=10Kbit   # DOWNLOAD Weight Factor ~ 1/10 of DOWNLOAD Limit
UPLD=50KBit      # UPLOAD Limit
UWEIGHT=5Kbit    # UPLOAD Weight Factor

tc_start() {
    $TC qdisc add dev eth0 root handle 11: cbq bandwidth 100Mbit avpkt 1000 mpu 64
    $TC class add dev eth0 parent 11:0 classid 11:1 cbq rate $DNLD weight $DWEIGHT allot 1514 prio 1 avpkt 1000 bounded
    $TC filter add dev eth0 parent 11:0 protocol ip handle 4 fw flowid 11:1
}

tc_stop() {
    $TC qdisc del dev eth0 root
}

tc_restart() {
    tc_stop
    sleep 1
    tc_start
}

tc_show() {
    echo ""
    echo "eth0:"
    $TC qdisc show dev eth0
    $TC class show dev eth0
    $TC filter show dev eth0
    echo ""
}

case "$1" in
  start)
    echo -n "Starting bandwidth shaping: "
    tc_start
    echo "done"
    ;;
  stop)
    echo -n "Stopping bandwidth shaping: "
    tc_stop
    echo "done"
    ;;
  restart)
    echo -n "Restarting bandwidth shaping: "
    tc_restart
    echo "done"
    ;;
  show)
    tc_show
    ;;
  *)
    echo "Usage: /etc/init.d/tc.sh {start|stop|restart|show}"
    ;;
esac

exit 0
Thanks for any help.

Last edited by maxut; 09-09-2004 at 08:52 AM.
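
An added example, not part of the original post: a small checker that cross-references the post's two MARK rules with the script's single fw filter. It relies on two facts: a root qdisc only shapes packets leaving the interface, and packets seen in the mangle INPUT chain are being delivered locally and never leave. The function names and output labels are hypothetical, and marks are assumed to be plain decimal numbers.

```shell
#!/bin/bash
# Added example (hypothetical checker). Sample input is copied from the post.
RULES='iptables -t mangle -A INPUT -p tcp --sport 21 -j MARK --set-mark 4
iptables -t mangle -A OUTPUT -p tcp --dport 21 -j MARK --set-mark 3'
FILTERS='tc filter add dev eth0 parent 11:0 protocol ip handle 4 fw flowid 11:1'

# Print the word that follows option $1 in command line $2 (nothing if absent).
arg_after() {
    printf '%s\n' "$2" |
        awk -v k="$1" '{ for (i = 1; i < NF; i++) if ($i == k) { print $(i + 1); exit } }'
}

# check_marks RULES FILTERS -> one finding per MARK rule on stdout.
# Assumption: marks and handles are written as plain decimal numbers.
check_marks() {
    handles=" "
    # Collect the handles of all fw filters attached to the egress qdisc.
    while IFS= read -r line; do
        case $line in
            *" fw "*) handles="$handles$(arg_after handle "$line") " ;;
        esac
    done <<EOF
$2
EOF
    while IFS= read -r line; do
        chain=$(arg_after -A "$line")
        mark=$(arg_after --set-mark "$line")
        [ -n "$mark" ] || continue
        if [ "$chain" = INPUT ]; then
            # Locally delivered packets never pass an egress (root) qdisc.
            echo "INGRESS-ONLY mark=$mark chain=$chain"
        else
            case $handles in
                *" $mark "*) echo "OK mark=$mark chain=$chain" ;;
                *)           echo "NO-FILTER mark=$mark chain=$chain" ;;
            esac
        fi
    done <<EOF
$1
EOF
}

check_marks "$RULES" "$FILTERS"
```

On the rules as posted, mark 4 is reported as ingress-only and mark 3 as having no matching filter, so no packet leaving eth0 is ever classified into 11:1.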
 
  

