[SOLVED] tc htb - trying to rate limit traffic on 1 single port

psycroptic · 09-06-2013, 10:50 PM

i have this htb qdisc on a particular interface in my router:

Code:

tc qdisc add dev internal root handle 1: htb default 1
tc class add dev internal parent 1: classid 1:1 htb rate 51.88mbit ceil 51.88mbit
tc class add dev internal parent 1: classid 1:2 htb rate 32.5mbit ceil 32.5mbit

I can add particular IP to this class 1:2 using this in /etc/iptables/iptables.rules:

Code:

-A POSTROUTING -o internal -d 172.16.16.14 -j CLASSIFY --set-class 1:2

but if I try to limit traffic to/from 172.16.16.14 on port 12321 ONLY using this:

Code:

-A POSTROUTING -o internal -d 172.16.16.14 -p tcp -m tcp --dport 12321 -j CLASSIFY --set-class 1:2
-A POSTROUTING -o internal -d 172.16.16.14 -p udp -m udp --dport 12321 -j CLASSIFY --set-class 1:2
-A POSTROUTING -o internal -d 172.16.16.14 -p tcp -m tcp --sport 12321 -j CLASSIFY --set-class 1:2
-A POSTROUTING -o internal -d 172.16.16.14 -p udp -m udp --sport 12321 -j CLASSIFY --set-class 1:2

it doesn't work; traffic on these ports are not limited at all.

what gives?

unSpawn · 09-11-2013, 01:35 AM

What does this return?

Code:

iptables -t mangle -nvxL --line-numbers

psycroptic · 09-11-2013, 09:03 AM

that wasn't it; actually, the problem seemed to be application-related.

i was trying to rate-limit torrent traffic, in this case it was a Mac running some bittorrent client called "Frostwire". For some reason, it wasn't responding to this rule; I had set it to use TCP and UDP ports 12321, but somehow it was getting around this - downloads weren't stopping at 32mbit. I had the guy download another torrent client (utorrent) which behaved as expected, and I tested a few others on my own machine using the same rule, and they all responded to this.

so i don't know what frostwire was doing, but in any case it seemed to be the only one with the problem.

thanks anyway