Mam niceshapera w wersji 0.6rc4.1. interfejsy wirtualne imq0 oraz imq1. docelowo chce p2p przekierować na imq2 oraz imq3. problem polega na tym ze niceshaper nie chce wyłapywać pakietów oznaczonych przez l7 oraz ipp2p. w niceshaper stats w ogole nie widac p2p. reszta jest oK.
moja konfiguracja:
markowanie pakietów
iptables -t mangle -I PREROUTING -p udp -m ipp2p --ipp2p -j MARK --set-mark 0x999
iptables -t mangle -I PREROUTING -p tcp -m ipp2p --ipp2p -j MARK --set-mark 0x999
iptables -t mangle -I PREROUTING -p udp -m layer7 --l7proto bittorrent -j MARK --set-mark 0x999
iptables -t mangle -I PREROUTING -p tcp -m layer7 --l7proto bittorrent -j MARK --set-mark 0x999
iptables -t mangle -I PREROUTING -p udp -m layer7 --l7proto edonkey -j MARK --set-mark 0x999
iptables -t mangle -I PREROUTING -p tcp -m layer7 --l7proto edonkey -j MARK --set-mark 0x999
iptables -t mangle -I PREROUTING -p udp -m mark --mark 0x999 -j CONNMARK --save-mark
iptables -t mangle -I PREROUTING -p tcp -m mark --mark 0x999 -j CONNMARK --save-mark
iptables -t mangle -I PREROUTING -p udp -m mark ! --mark 0 -j ACCEPT
iptables -t mangle -I PREROUTING -p tcp -m mark ! --mark 0 -j ACCEPT
iptables -t mangle -I PREROUTING -p udp -j CONNMARK --restore-mark
iptables -t mangle -I PREROUTING -p tcp -j CONNMARK --restore-mark
iptables -t mangle -A PREROUTING -m mark --mark 0x999 -j ACCEPT
iptables -t mangle -I POSTROUTING -p udp -m ipp2p --ipp2p -j MARK --set-mark 0x888
iptables -t mangle -I POSTROUTING -p tcp -m ipp2p --ipp2p -j MARK --set-mark 0x888
iptables -t mangle -I POSTROUTING -p udp -m layer7 --l7proto bittorrent -j MARK --set-mark 0x888
iptables -t mangle -I POSTROUTING -p tcp -m layer7 --l7proto bittorrent -j MARK --set-mark 0x888
iptables -t mangle -I POSTROUTING -p udp -m layer7 --l7proto edonkey -j MARK --set-mark 0x888
iptables -t mangle -I POSTROUTING -p tcp -m layer7 --l7proto edonkey -j MARK --set-mark 0x888
iptables -t mangle -I POSTROUTING -p udp -m mark --mark 0x888 -j CONNMARK --save-mark
iptables -t mangle -I POSTROUTING -p tcp -m mark --mark 0x888 -j CONNMARK --save-mark
iptables -t mangle -I POSTROUTING -p udp -m mark ! --mark 0 -j ACCEPT
iptables -t mangle -I POSTROUTING -p tcp -m mark ! --mark 0 -j ACCEPT
iptables -t mangle -I POSTROUTING -p udp -j CONNMARK --restore-mark
iptables -t mangle -I POSTROUTING -p tcp -j CONNMARK --restore-mark
iptables -t mangle -A POSTROUTING -m mark --mark 0x888 -j ACCEPT
podnosze imq
/sbin/modprobe imq numdevs=6 &>/dev/null
/sbin/ifconfig imq0 up &>/dev/null
/sbin/ifconfig imq1 up &>/dev/null
niceshaper config
<global>
lang pl
stats unit kb/s
run download upload
support mark-on imq0 imq1
stats unit kb/s file none owner root group root mode 644
</global>
<download>
# iface eth1 match dstip 10.0.0.0/24
iface imq1 match dstip 10.0.0.0/24
section speed 4000kb/s
section shape 3500kb/s
default low 1kb/s
default ceil 2048kb/s
iptables hook POSTROUTING # POSTROUTING is optimal for download mode
reload 5s
# default htb scheduler esfq
default imq autoredirect true
</download>
<upload>
iface imq0 match srcip 10.0.0.0/24
section speed 512kb/s
section shape 400kb/s
default low 32kb/s
default ceil 250kb/s
iptables hook PREROUTING # PREROUTING is optimal for upload mode
reload 2s
# default htb scheduler esfq
</upload>
niceshaper class
class download imq1 czarek ; match dstip 10.0.0.2 ; ceil 1950kb/s ; low 25kb/s
class upload imq0 czarek ; match srcip 10.0.0.2 ; ceil 350kb/s ; low 5kb/s
class download imq1 rudi ; match dstip 10.0.0.3 ; ceil 1950kb/s ; low 25kb/s
class upload imq0 rudi ; match srcip 10.0.0.3 ; ceil 350kb/s ; low 5kb/s
class download imq1 gaclav ; match dstip 10.0.0.4 ; ceil 1950kb/s ; low 25kb/s
class upload imq0 gaclav ; match srcip 10.0.0.4 ; ceil 350kb/s ; low 5kb/s
class upload imq0 DNS ; match proto udp dstport 53 ; low 128kb/s ; ceil 300kb/s ; htb prio 1
class download imq1 p2p ; match mark 0x888 dstip 10.0.0.0/24 ; ceil 10kB/s ; htb prio 7
class upload imq0 p2p ; match mark 0x999 srcip 10.0.0.0/24 ; ceil 10kB/s ; htb prio 7
Zaloguj się
Zarejestruj się
FAQ
Szukaj
