Witam, mam problem z zaimplementowaniem ograniczenia programów P2P. Nie mogę znaleźć przyczyny, może ktoś z czytających zauważy problem :)
# rc.masq-pre iptables -t mangle -A PREROUTING -p tcp -j CONNMARK --restore-mark iptables -t mangle -A PREROUTING -p tcp -m ipp2p --ipp2p --bit --apple -j MARK --set-mark 9998 iptables -t mangle -A PREROUTING -p tcp -m tcp --dport 2234 -j MARK --set-mark 9998 iptables -t mangle -A PREROUTING -p tcp -m tcp --dport 5534 -j MARK --set-mark 9998 iptables -t mangle -A PREROUTING -p tcp -m mark ! --mark 0x0 -j CONNMARK --save-mark
# rc.masq-post iptables -t mangle -A POSTROUTING -m mark --mark 9998 -j CLASSIFY --set-class 1:9998
############## # eth0 - klienci # eth1 - świat ##############
# rc.limits
tc qdisc del root dev eth0 tc qdisc add dev eth0 root handle 1: htb tc class add dev eth0 parent 1: classid 1:9997 htb prio 0 rate 10mbit burst 1mbit tc class add dev eth0 parent 1:9997 classid 1:9999 htb prio 1 rate 10mbit burst 1mbit
tc qdisc del root dev eth1 tc qdisc add dev eth1 root handle 1: htb tc class add dev eth1 parent 1: classid 1:9997 htb prio 0 rate 7500kbit burst 750kbit tc class add dev eth1 parent 1:9997 classid 1:9999 htb prio 1 rate 4500kbit burst 450kbit tc class add dev eth1 parent 1:9997 classid 1:9998 htb prio 2 rate 3000kbit burst 300kbit
iptables -t mangle -A LIMITS -d 192.168.1.2 -j MARK --set-mark 1 tc class add dev eth0 parent 1:9999 classid 1:1 htb prio 5 rate 32kbit ceil 256kbit burst 4kbit tc filter add dev eth0 protocol ip parent 1: handle 1 fw classid 1:1
iptables -t mangle -A LIMITS -s 192.168.1.2 -j MARK --set-mark 2 tc class add dev eth1 parent 1:9999 classid 1:1 htb prio 5 rate 32kbit ceil 256kbit burst 4kbit tc filter add dev eth1 protocol ip parent 1: handle 2 fw classid 1:1