maxut 09-09-2004 08:50 AM

"iptables tc" limiting bandwidth for specific port
Hello all,
I want to limit the bandwidth of my qmail server (RH 8.0). I don't have another gateway, because it is already the gateway for 10 boxes :) . I wanted to limit a specific port on my test box (Fedora 2). I am trying to do that with tc and iptables. I found something about that at

I know it marks the packets in the FORWARD chain in that site's example. I thought it must work for the INPUT and OUTPUT chains too. Am I wrong?
So I tried to mark output packets going to "tcp --dport 21" and input packets coming from "tcp --sport 21". It seems that didn't work.

iptables -t mangle -A INPUT -p tcp --sport 21 -j MARK --set-mark 4
iptables -t mangle -A OUTPUT -p tcp --dport 21 -j MARK --set-mark 3

Or didn't I create the correct iptables rules?

Here is the tc script:

#!/bin/bash
#  All Rates are in Kbits, so in order to get Bytes divide by 8
#  e.g. 25Kbps == 3.125KB/s
TC=/sbin/tc               # tc binary; not defined in the posted script, path assumed
DNLD=100Kbit              # DOWNLOAD Limit
DWEIGHT=10Kbit            # DOWNLOAD Weight Factor ~ 1/10 of DOWNLOAD Limit
UPLD=50KBit               # UPLOAD Limit
UWEIGHT=5Kbit             # UPLOAD Weight Factor
tc_start() {
    $TC qdisc add dev eth0 root handle 11: cbq bandwidth 100Mbit avpkt 1000 mpu 64
    $TC class add dev eth0 parent 11:0 classid 11:1 cbq rate $DNLD weight $DWEIGHT allot 1514 prio 1 avpkt 1000 bounded
    # fw filter: packets carrying firewall mark 4 go to class 11:1
    $TC filter add dev eth0 parent 11:0 protocol ip handle 4 fw flowid 11:1
}
tc_stop() {
    $TC qdisc del dev eth0 root
}
tc_restart() {
    tc_stop
    sleep 1
    tc_start
}
tc_show() {
    echo ""
    echo "eth0:"
    $TC qdisc show dev eth0
    $TC class show dev eth0
    $TC filter show dev eth0
    echo ""
}
case "$1" in
  start)
    echo -n "Starting bandwidth shaping: "
    tc_start
    echo "done"
    ;;
  stop)
    echo -n "Stopping bandwidth shaping: "
    tc_stop
    echo "done"
    ;;
  restart)
    echo -n "Restarting bandwidth shaping: "
    tc_restart
    echo "done"
    ;;
  show)
    tc_show
    ;;
  *)
    echo "Usage: /etc/init.d/ {start|stop|restart|show}"
    ;;
esac

exit 0

Thanks for any help.
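
Added example, not part of the original post: the posted fw filter matches mark 4, which the rules above set in mangle INPUT, and packets traversing INPUT are being delivered locally, so they never pass through the egress qdisc on eth0. The script below sets the mark in mangle OUTPUT and matches that same mark on egress, using HTB in place of the post's CBQ; the device, port, mark and rate defaults and the DRY_RUN switch are assumptions of this example.

```shell
#!/bin/sh
# Added example (not the poster's script): shape locally generated traffic
# to one TCP port on egress. All defaults below are assumptions.
DEV=${DEV:-eth0}
PORT=${PORT:-21}
MARK=${MARK:-3}
RATE=${RATE:-50kbit}
# DRY_RUN=1 (default) prints the commands; DRY_RUN=0 executes them (needs root).
DRY_RUN=${DRY_RUN:-1}

run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

shape_start() {
    # Mark in mangle OUTPUT: these packets continue to the egress qdisc of $DEV.
    # A mark set in mangle INPUT sits on packets delivered to local sockets,
    # which an egress fw filter never sees.
    run iptables -t mangle -A OUTPUT -o "$DEV" -p tcp --dport "$PORT" \
        -j MARK --set-mark "$MARK"
    # HTB root without a default class: unmarked traffic is left unshaped.
    run tc qdisc add dev "$DEV" root handle 1: htb
    run tc class add dev "$DEV" parent 1: classid 1:1 htb rate "$RATE" ceil "$RATE"
    # For the fw classifier, "handle" is the firewall mark to match.
    run tc filter add dev "$DEV" parent 1: protocol ip handle "$MARK" fw flowid 1:1
}

shape_stop() {
    run tc qdisc del dev "$DEV" root
    run iptables -t mangle -D OUTPUT -o "$DEV" -p tcp --dport "$PORT" \
        -j MARK --set-mark "$MARK"
}

shape_show() {
    # Byte/packet counters show whether marked traffic reaches the class.
    run tc -s class show dev "$DEV"
    run iptables -t mangle -L OUTPUT -v -n
}

case "${1:-}" in
    start) shape_start ;;
    stop)  shape_stop ;;
    show)  shape_show ;;
esac
```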

Geremia 12-16-2015 09:43 PM

I would like to know this, too.

