Freesco, NND, CDN, EOS http://forum.freesco.pl/ |
|
Niceshaper nie wyłapuje p2p http://forum.freesco.pl/viewtopic.php?f=22&t=16322 |
Strona 1 z 1 |
Autor: | Wujek_Bogdan [ czwartek, 13 grudnia 2007, 16:12 ] |
Tytuł: | Niceshaper nie wyłapuje p2p |
Mam niceshapera w wersji 0.6rc4.1. interfejsy wirtualne imq0 oraz imq1. docelowo chce p2p przekierować na imq2 oraz imq3. problem polega na tym ze niceshaper nie chce wyłapywać pakietów oznaczonych przez l7 oraz ipp2p. w niceshaper stats w ogole nie widac p2p. reszta jest oK. moja konfiguracja: markowanie pakietów iptables -t mangle -I PREROUTING -p udp -m ipp2p --ipp2p -j MARK --set-mark 0x999 iptables -t mangle -I PREROUTING -p tcp -m ipp2p --ipp2p -j MARK --set-mark 0x999 iptables -t mangle -I PREROUTING -p udp -m layer7 --l7proto bittorrent -j MARK --set-mark 0x999 iptables -t mangle -I PREROUTING -p tcp -m layer7 --l7proto bittorrent -j MARK --set-mark 0x999 iptables -t mangle -I PREROUTING -p udp -m layer7 --l7proto edonkey -j MARK --set-mark 0x999 iptables -t mangle -I PREROUTING -p tcp -m layer7 --l7proto edonkey -j MARK --set-mark 0x999 iptables -t mangle -I PREROUTING -p udp -m mark --mark 0x999 -j CONNMARK --save-mark iptables -t mangle -I PREROUTING -p tcp -m mark --mark 0x999 -j CONNMARK --save-mark iptables -t mangle -I PREROUTING -p udp -m mark ! --mark 0 -j ACCEPT iptables -t mangle -I PREROUTING -p tcp -m mark ! --mark 0 -j ACCEPT iptables -t mangle -I PREROUTING -p udp -j CONNMARK --restore-mark iptables -t mangle -I PREROUTING -p tcp -j CONNMARK --restore-mark iptables -t mangle -A PREROUTING -m mark --mark 0x999 -j ACCEPT iptables -t mangle -I POSTROUTING -p udp -m ipp2p --ipp2p -j MARK --set-mark 0x888 iptables -t mangle -I POSTROUTING -p tcp -m ipp2p --ipp2p -j MARK --set-mark 0x888 iptables -t mangle -I POSTROUTING -p udp -m layer7 --l7proto bittorrent -j MARK --set-mark 0x888 iptables -t mangle -I POSTROUTING -p tcp -m layer7 --l7proto bittorrent -j MARK --set-mark 0x888 iptables -t mangle -I POSTROUTING -p udp -m layer7 --l7proto edonkey -j MARK --set-mark 0x888 iptables -t mangle -I POSTROUTING -p tcp -m layer7 --l7proto edonkey -j MARK --set-mark 0x888 iptables -t mangle -I POSTROUTING -p udp -m mark --mark 0x888 -j CONNMARK --save-mark iptables -t mangle -I POSTROUTING -p tcp -m mark --mark 0x888 -j CONNMARK --save-mark iptables -t mangle -I POSTROUTING -p udp -m mark ! --mark 0 -j ACCEPT iptables -t mangle -I POSTROUTING -p tcp -m mark ! --mark 0 -j ACCEPT iptables -t mangle -I POSTROUTING -p udp -j CONNMARK --restore-mark iptables -t mangle -I POSTROUTING -p tcp -j CONNMARK --restore-mark iptables -t mangle -A POSTROUTING -m mark --mark 0x888 -j ACCEPT podnosze imq /sbin/modprobe imq numdevs=6 &>/dev/null /sbin/ifconfig imq0 up &>/dev/null /sbin/ifconfig imq1 up &>/dev/null niceshaper config <global> lang pl stats unit kb/s run download upload support mark-on imq0 imq1 stats unit kb/s file none owner root group root mode 644 </global> <download> # iface eth1 match dstip 10.0.0.0/24 iface imq1 match dstip 10.0.0.0/24 section speed 4000kb/s section shape 3500kb/s default low 1kb/s default ceil 2048kb/s iptables hook POSTROUTING # POSTROUTING is optimal for download mode reload 5s # default htb scheduler esfq default imq autoredirect true </download> <upload> iface imq0 match srcip 10.0.0.0/24 section speed 512kb/s section shape 400kb/s default low 32kb/s default ceil 250kb/s iptables hook PREROUTING # PREROUTING is optimal for upload mode reload 2s # default htb scheduler esfq </upload> niceshaper class class download imq1 czarek ; match dstip 10.0.0.2 ; ceil 1950kb/s ; low 25kb/s class upload imq0 czarek ; match srcip 10.0.0.2 ; ceil 350kb/s ; low 5kb/s class download imq1 rudi ; match dstip 10.0.0.3 ; ceil 1950kb/s ; low 25kb/s class upload imq0 rudi ; match srcip 10.0.0.3 ; ceil 350kb/s ; low 5kb/s class download imq1 gaclav ; match dstip 10.0.0.4 ; ceil 1950kb/s ; low 25kb/s class upload imq0 gaclav ; match srcip 10.0.0.4 ; ceil 350kb/s ; low 5kb/s class upload imq0 DNS ; match proto udp dstport 53 ; low 128kb/s ; ceil 300kb/s ; htb prio 1 class download imq1 p2p ; match mark 0x888 dstip 10.0.0.0/24 ; ceil 10kB/s ; htb prio 7 class upload imq0 p2p ; match mark 0x999 srcip 10.0.0.0/24 ; ceil 10kB/s ; htb prio 7 |
Strona 1 z 1 | Strefa czasowa UTC+2godz. |
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |