Salut,
Folosesc kernelul 2.6.15.7 cu suport pt HTB (de fapt toata sectiunea qos), 
HTB-tools.0.3.0-beta4 si Mandriva2006. Am 4 placi de retea (3 fizice si una 
virtuala) deoarece momentan am 3 clase de IP-uri, dar una dintre clase (eth1) 
nu este inca data in folosinta si fac teste pe ea

cum procedez:
iptables -t mangle -N mark_horiz_src 
iptables -t mangle -N mark_horiz_dst 
iptables -t mangle -A PREROUTING -i eth0 -j mark_horiz_src 
iptables -t mangle -A PREROUTING -i eth1 -j mark_horiz_dst 
iptables -t mangle -A OUTPUT -o eth0 -j mark_horiz_dst 
............................................... 
#la sfarsitul fw 
/usr/sbin/importbgp 
 
unde importbgp este: 
#!/bin/bash 
bgp_file=/var/local/ipclasses.bgp 
if wget -q --output-document=$bgp_file 
http://clienti.evolva.ro/subnets.php?net=all; then 
    mipclasses -s mark_horiz_src -d mark_horiz_dst -m 1 < $bgp_file | 
iptables-restore -n 
fi 
 
eth0-qos.cfg si eth1-qos.cfg arata astfel: 
 
eth0-qos.cfg
class class_1 { 
      bandwidth 4096; 
      limit 4096; 
      burst 0; 
      priority 1; 
 
               client client1 { 
                  bandwidth 128; 
                  limit 256; 
                  burst 0; 
                  priority 1; 
                     src { 
                        xx.xx.xx.230/32; 
                           }; 
                 }; 
                
                  client client2 { 
                  bandwidth 64; 
                  limit 256; 
                  burst 0; 
                  priority 1; 
                     src { 
                        xx.xx.xx.2/32; 
                           }; 
                 }; 
........................................... 
               client clientX { 
                  bandwidth 128; 
                  limit 128; 
                  burst 0; 
                  priority 1; 
                     src { 
                        xx.xx.xx.90/32; 
                           }; 
                 }; 
class default { bandwidth 8; }; 
 
si 
 
eth1-qos.cfg
class class_1 { 
        bandwidth 4096; 
        limit 4096; 
        burst 2; 
        priority 1; 
        que sfq; 
client client1 { 
        bandwidth 96; 
        limit 128; 
        burst 0; 
        priority 1; 
        dst { 
                xx.xx.xx.230/32; 
                }; 
        }; 
client client2 { 
        bandwidth 96; 
        limit 128; 
        burst 0; 
        priority 1; 
        dst { 
                xx.xx.xx.2/32; 
                }; 
        }; 
................................ 
client clientX { 
        bandwidth 96; 
        limit 128; 
        burst 0; 
        priority 1; 
        dst { 
                xx.xx.xx.90/32; 
                }; 
        }; 
};
class default { bandwidth 8; };

dar cand pornesc HTB, pica netul...pe toate placile de retea . 

[EMAIL PROTECTED] gelu]# /etc/rc.d/init.d/rc.htb start 
  
 Starting HTB-tools on eth0 ... 
 Checking the config file ...OK 
 Checking kernel support for HTB: present. 
 HTB-tools was successfuly started on eth0. 
  
  
 Starting HTB-tools on eth1 ... 
 Checking the config file ...OK 
 Checking kernel support for HTB: present. 
 HTB-tools was successfuly started on eth1. 
  
 [EMAIL PROTECTED] gelu]# ping www.yahoo.com 
  
 [EMAIL PROTECTED] gelu]# /etc/rc.d/init.d/rc.htb stop 
 Deleting rules for device eth0 
 Deleting rules for device eth1 
 [EMAIL PROTECTED] gelu]# ping www.yahoo.com 
 PING www.yahoo.akadns.net (209.191.93.52) 56(84) bytes of data. 
 64 bytes from f1.www.vip.mud.yahoo.com (209.191.93.52): icmp_seq=1 ttl=49 
time=1 
 73 ms 
 64 bytes from f1.www.vip.mud.yahoo.com (209.191.93.52): icmp_seq=2 ttl=49 
time=1 
 72 ms 
  
 --- www.yahoo.akadns.net ping statistics --- 
 2 packets transmitted, 2 received, 0% packet loss, time 1004ms 
 rtt min/avg/max/mdev = 172.960/173.024/173.088/0.064 ms

Multumesc

 __________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
_______________________________________________
RLUG mailing list
[email protected]
http://lists.lug.ro/mailman/listinfo/rlug

Raspunde prin e-mail lui