hello all,
i want to limit the bandwidth of my qmail server (rh 8.0). i don't have another gateway, because this server is already the gateway for 10 boxes. i wanted to limit a specific port on my test box (fedora 2). i am trying to do that with tc and iptables. i found something about that at
http://www.szabilinux.hu/bandwidth/
i know the example on that site marks the packets in the FORWARD chain. i thought it must work for the INPUT and OUTPUT chains too. am i wrong?
so i tried to mark output packets going to "tcp --dport 21" and input packets coming from "tcp --sport 21". it seems that didn't work.
# Tag packets delivered to this host whose TCP source port is 21 with fwmark 4.
# NOTE(review): these are inbound packets; a root (egress) qdisc on eth0 only
# queues traffic leaving the interface, so a tc "handle 4 fw" filter attached
# there will not match them. Inbound limiting needs an ingress-side mechanism.
iptables -t mangle -A INPUT -p tcp --sport 21 -j MARK --set-mark 4
# Tag locally generated packets addressed to TCP port 21 with fwmark 3.
# This mark only has an effect if a tc fw filter with handle 3 exists on the
# interface the packets leave through.
iptables -t mangle -A OUTPUT -p tcp --dport 21 -j MARK --set-mark 3
or did i not create the correct iptables rules?
here is script of tc :
Code:
#!/bin/bash
#
# All rates are in Kbits, so divide by 8 to get bytes
# e.g. 25Kbps == 3.125KB/s
#
# Absolute path of the traffic-control binary invoked by the functions below.
TC='/sbin/tc'

# Download direction: rate ceiling and CBQ weight (about 1/10 of the ceiling).
DNLD='100Kbit'
DWEIGHT='10Kbit'

# Upload direction: rate ceiling and CBQ weight.
UPLD='50KBit'
UWEIGHT='5Kbit'
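#######################################
# Install the CBQ shaper on eth0 and bind the firewall marks to its classes.
# Globals:   TC, DNLD, DWEIGHT, UPLD, UWEIGHT (read)
# Arguments: none
# Returns:   0 on success, the failing tc command's status otherwise
#
# The root qdisc of an interface only queues packets LEAVING that interface.
# A mark set in the mangle INPUT chain is on inbound packets and never reaches
# this qdisc, so the "handle 4" filter matches only if mark 4 is set on egress
# traffic (mangle FORWARD on a gateway, or OUTPUT/POSTROUTING on this host).
# The "handle 3" filter covers locally generated packets marked in OUTPUT.
# NOTE(review): CBQ has been retired from recent mainline kernels; HTB is the
# usual replacement on current systems - confirm against the target kernel.
#######################################
tc_start() {
  local dev=eth0

  # Root qdisc; "bandwidth" is the link speed of the device, not the limit.
  "$TC" qdisc add dev "$dev" root handle 11: cbq bandwidth 100Mbit avpkt 1000 mpu 64 || return

  # Class 11:1 - capped at DNLD, fed by packets carrying fwmark 4.
  "$TC" class add dev "$dev" parent 11:0 classid 11:1 cbq rate "$DNLD" weight "$DWEIGHT" allot 1514 prio 1 avpkt 1000 bounded || return
  "$TC" filter add dev "$dev" parent 11:0 protocol ip handle 4 fw flowid 11:1 || return

  # Class 11:2 - capped at UPLD, fed by packets carrying fwmark 3. Without
  # this pair the OUTPUT mark had no filter and the traffic went unshaped.
  "$TC" class add dev "$dev" parent 11:0 classid 11:2 cbq rate "$UPLD" weight "$UWEIGHT" allot 1514 prio 1 avpkt 1000 bounded || return
  "$TC" filter add dev "$dev" parent 11:0 protocol ip handle 3 fw flowid 11:2
}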
# Remove the root qdisc from eth0; tc drops the attached classes and filters
# together with it.
# Globals: TC (read)
tc_stop() {
  local dev=eth0
  ${TC} qdisc del dev "${dev}" root
}
# Tear the shaper down, pause for one second, then install it again.
# The function's status is that of the final tc_start call.
tc_restart() {
  tc_stop    # remove the existing root qdisc
  sleep 1    # one-second pause between removal and re-creation
  tc_start   # rebuild qdisc, classes and filters
}
# Print the qdisc, class and filter configuration of eth0, framed by blank
# lines and preceded by an "eth0:" heading.
# Globals: TC (read)
tc_show() {
  local dev=eth0
  local object

  printf '\n%s:\n' "${dev}"
  for object in qdisc class filter; do
    ${TC} "${object}" show dev "${dev}"
  done
  printf '\n'
}
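# Dispatch on the requested action (first positional argument).
# A recognised action exits 0, as before. A missing or unknown action prints
# the usage line to stderr and exits 2, so that init tooling and callers can
# detect misuse; previously it was reported as success.
case "${1:-}" in
  start)
    printf '%s' "Starting bandwidth shaping: "
    tc_start
    echo "done"
    ;;
  stop)
    printf '%s' "Stopping bandwidth shaping: "
    tc_stop
    echo "done"
    ;;
  restart)
    printf '%s' "Restarting bandwidth shaping: "
    tc_restart
    echo "done"
    ;;
  show)
    tc_show
    ;;
  *)
    echo "Usage: /etc/init.d/tc.sh {start|stop|restart|show}" >&2
    exit 2
    ;;
esac
exit 0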
thnx for any help.