Hi!

I'd like to be able to limit the outgoing speed on my computer.

I'd like all traffic that's NOT tcp port 20,21,80,443 to be slowed down as much as possible.

I've spent ~8 hours figuring out "tc" (I've been reading most of the LARTC-faq) but still have some problems.

I'm able to limit ALL outgoing traffic to my desired bandwidth when I use the following command:
______________________________________________________

tc qdisc add dev eth1 root tbf rate 256kbit latency 50ms burst 1540
______________________________________________________

but this isn't quite what I want as this also blocks my outgoing ftp-/http-speed.




I've tried to use other approaces (htb) but that in turn seemed to limit my download-speed
to something bizarre (it was <10kbps) and outgoing < 40kbps

These are the commands I tried in order to limit all but ftp/http/https:

______________________________________________________
tc qdisc add dev eth0 root handle 1: htb default 12
tc class add dev eth0 parent 1: classid 1:1 htb rate 10mbps ceil 10mbps
tc class add dev eth0 parent 1:1 classid 1:10 htb rate 10mbps ceil 10mbps
tc class add dev eth0 parent 1:1 classid 1:12 htb rate 40kbps ceil 40kbps

tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip dport 80 0xffff flowid 1:10
tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip sport 80 0xffff flowid 1:10
tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip dport 21 0xffff flowid 1:10
tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip sport 21 0xffff flowid 1:10
tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip dport 20 0xffff flowid 1:10
tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip sport 20 0xffff flowid 1:10
tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip dport 443 0xffff flowid 1:10
tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 match ip sport 443 0xffff flowid 1:10
______________________________________________________

I hope someone can help me out here and tell me what I'm doing wrong.

My goal is quite simpel:

Limit all traffic that's not FTP-/WEB-related to a maximum speed at 40kbps.

Best regards!

It seems good to me.

I have a almost same setup and it works fine.
The only things i have different are the following

I don't know if it makes any difference but don't give the full 1:1 bandwidth to 1:10 that is why i changed yours to 9.
Second, you didn't set any queue for the classes. (I think this is needed but very long time has passed since i have set it up, so i can't
remember, maybe i am wrong, but try it anyway)
I used the SFQ queue but you can use any one you want (SFQ is good though)

Another thing you can do instead of all the port matching, use the firewall classifier.
that is you mark the packets with iptables and then you choose the iptables mark for matching.
For example
This is the same as your approach. It will have the same effect, i just find it easier to mess with iptables.

I had posted a method to get perfect load balancing on another forum a while back. You might find it useful
http://forums.fedoraforum.org/showthread.php?p=835704

To use some specific iptables features, you may have to re-compile it. This link will help
http://mndar.phpnet.us/tutorials/Lin...s_goodies.html

I have tried many scripts none of them work, im trying to shape on linux for the last 2 weeks
how can I know what is wrong ?

I have all the requirements I have selected almost all in kernel config related to qos netfilter and iptables (modules) including (all of) those mentioned here: http://www.knowplace.org/pages/howto...quirements.php
but the shaping does not take place, and has no effect, even if
iptables -t mangle -L -n -v
tc -s qdisc ls dev ppp0
tc -s class ls dev ppp0
tc -s filter ls dev ppp0

say that it does, how can that be ?

here is a test:

with shapingwithoutthe download was congested During test, upload was unused, using the (a bit modified, without incoming traffic shaping) myshaper script