Salut, Folosesc kernelul 2.6.15.7 cu suport pt HTB (de fapt toata sectiunea qos), HTB-tools.0.3.0-beta4 si Mandriva2006. Am 4 placi de retea (3 fizice si una virtuala) deoarece momentan am 3 clase de IP-uri, dar una dintre clase (eth1) nu este inca data in folosinta si fac teste pe ea
cum procedez: iptables -t mangle -N mark_horiz_src iptables -t mangle -N mark_horiz_dst iptables -t mangle -A PREROUTING -i eth0 -j mark_horiz_src iptables -t mangle -A PREROUTING -i eth1 -j mark_horiz_dst iptables -t mangle -A OUTPUT -o eth0 -j mark_horiz_dst ............................................... #la sfarsitul fw /usr/sbin/importbgp unde importbgp este: #!/bin/bash bgp_file=/var/local/ipclasses.bgp if wget -q --output-document=$bgp_file http://clienti.evolva.ro/subnets.php?net=all; then mipclasses -s mark_horiz_src -d mark_horiz_dst -m 1 < $bgp_file | iptables-restore -n fi eth0-qos.cfg si eth1-qos.cfg arata astfel: eth0-qos.cfg class class_1 { bandwidth 4096; limit 4096; burst 0; priority 1; client client1 { bandwidth 128; limit 256; burst 0; priority 1; src { xx.xx.xx.230/32; }; }; client client2 { bandwidth 64; limit 256; burst 0; priority 1; src { xx.xx.xx.2/32; }; }; ........................................... client clientX { bandwidth 128; limit 128; burst 0; priority 1; src { xx.xx.xx.90/32; }; }; class default { bandwidth 8; }; si eth1-qos.cfg class class_1 { bandwidth 4096; limit 4096; burst 2; priority 1; que sfq; client client1 { bandwidth 96; limit 128; burst 0; priority 1; dst { xx.xx.xx.230/32; }; }; client client2 { bandwidth 96; limit 128; burst 0; priority 1; dst { xx.xx.xx.2/32; }; }; ................................ client clientX { bandwidth 96; limit 128; burst 0; priority 1; dst { xx.xx.xx.90/32; }; }; }; class default { bandwidth 8; }; dar cand pornesc HTB, pica netul...pe toate placile de retea . [EMAIL PROTECTED] gelu]# /etc/rc.d/init.d/rc.htb start Starting HTB-tools on eth0 ... Checking the config file ...OK Checking kernel support for HTB: present. HTB-tools was successfuly started on eth0. Starting HTB-tools on eth1 ... Checking the config file ...OK Checking kernel support for HTB: present. HTB-tools was successfuly started on eth1. [EMAIL PROTECTED] gelu]# ping www.yahoo.com [EMAIL PROTECTED] gelu]# /etc/rc.d/init.d/rc.htb stop Deleting rules for device eth0 Deleting rules for device eth1 [EMAIL PROTECTED] gelu]# ping www.yahoo.com PING www.yahoo.akadns.net (209.191.93.52) 56(84) bytes of data. 64 bytes from f1.www.vip.mud.yahoo.com (209.191.93.52): icmp_seq=1 ttl=49 time=1 73 ms 64 bytes from f1.www.vip.mud.yahoo.com (209.191.93.52): icmp_seq=2 ttl=49 time=1 72 ms --- www.yahoo.akadns.net ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1004ms rtt min/avg/max/mdev = 172.960/173.024/173.088/0.064 ms Multumesc __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com _______________________________________________ RLUG mailing list [email protected] http://lists.lug.ro/mailman/listinfo/rlug
