Monday, June 07, 2010

Re: Tc filter does not filter

Hi,

2010/6/7 Stephan Balmer <sb@lia.ch>:
> Hi

>> #!/bin/bash
>> # Name of the traffic control command.
>> TC=/sbin/tc
>>
>> # The network interface we're planning on limiting bandwidth.
>> IF=eth5             # Interface
>
> How does traffic flow through this interface? Where does it come from, where
> does it go? And what do you want to do about it?

OK, an example:
We have 3 interfaces for 3 subnets. eth5 is the IF where traffic
comes in from external.

>> # Download limit (tc reads the "kbps" suffix as kilobytes per second)
>> LIMIT=500kbps          # DOWNLOAD Limit
>>
>> # Filter options for limiting the intended interface.
>> U32="$TC filter add dev $IF protocol ip parent 1:0 prio 1 u32"
>>
>>
>> # delete any current qdisc -- in and out
>> $TC qdisc del dev eth5 root    2> /dev/null > /dev/null
>> $TC qdisc del dev eth5 ingress 2> /dev/null > /dev/null
>>
>> $TC qdisc add dev $IF root handle 1: htb default 30
>> $TC class add dev $IF parent 1: classid 1:1 htb rate $LIMIT
>> $U32 match ip dport 22 0xffff flowid 1:1
>> $U32 match ip dport 22 0xffff flowid 1:1
>
> You repeated the same rule twice, I don't think that does anything.

Just a typo, but not really an issue.

> I don't know much about tc, so I'm just guessing. Is it your
> intention to limit traffic going to SSH servers?

Yes. To define this: I want to limit FTP tunneled through ssh (called SFTP).

> Cheers
> Stephan

Greetings,
Björn


Archive: http://lists.debian.org/AANLkTikMT-c1SEqskx0Co1XjzyVqYMI7tuBYJL3IaF2D@mail.gmail.com