Date: Sun, 11 Sep 2011 18:19:10 -0700 From: Michael Sierchio <kudzu@tenebras.com> To: alexus <alexus@gmail.com> Cc: =?KOI8-R?B?68/O2MvP1yDl18fFzsnK?= <kes-kes@yandex.ru>, "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: traffic shaping freebsd Message-ID: <CAHu1Y73FgMRYBR2fQ-Jqnd00G%2ByNzCA-RL4JedNn69YH=RE-AQ@mail.gmail.com> In-Reply-To: <CAHu1Y73gLhcq5GjYW7aFZG0PDRtGGwZFO8P4%2BRGEqay04ZnAJw@mail.gmail.com> References: <CAJxePN%2BXUGCL0GPGEboFoEhONb9YXHFjxamVucf7=rm8YwAJCA@mail.gmail.com> <108373957.20110912012809@yandex.ru> <CAJxePNLSJj-6LcfA1ff6fZ2c1B=QjL-CBr1RSzi=j2w275T3kQ@mail.gmail.com> <CAHu1Y70uCvtjEr=h%2BUEPRfQSOh-3r0VAi6L7rrY92HzUisFTUw@mail.gmail.com> <CAJxePNKY50UfPvDtoVhNz0kY8vDn87nubwWwh_Koa-KsBKYoEA@mail.gmail.com> <CAHu1Y73gLhcq5GjYW7aFZG0PDRtGGwZFO8P4%2BRGEqay04ZnAJw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
amending my remark... UID matching is problematic. Why are you trying to classify packets based on that? On Sunday, September 11, 2011, Michael Sierchio <kudzu@tenebras.com> wrote: > You don't seem to have any rules that match packets. This won't work. > > On Sunday, September 11, 2011, alexus <alexus@gmail.com> wrote: >> su-4.2# grep pipe /etc/ipfw.rules >> pipe flush >> pipe 1 config bw 1Mbit/s mask dst-port www >> pipe 2 config bw 1Mbit/s mask src-port www >> pipe 3 config bw 1Mbit/s mask dst-port 3128 >> add 3128 pipe 3 tcp from any to any src-port 3128 uid root >> add 8381 pipe 1 tcp from any to any dst-port www uid daemon >> add 8382 pipe 2 tcp from any to any src-port www uid daemon >> su-4.2# >> >> >> su-4.2# ipfw show | grep -E 'pipe 1|pipe 2' && ipfw pipe show 1 ; ipfw >> pipe show 2 >> 08381 11190 815447 pipe 1 tcp from any to any dst-port 80 uid daemon >> 08382 14394 16926849 pipe 2 tcp from any 80 to any uid daemon >> 00001: 1.000 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail >> mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 >> BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp >> 0 tcp 64.237.55.83/64730 69.10.58.25/80 11190 815447 0 0 0 >> 00002: 1.000 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail >> mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 >> BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp >> 0 tcp 69.10.58.25/80 64.237.55.83/64730 14394 16926849 0 0 10 >> su-4.2# ipfw show | grep -E 'pipe 1|pipe 2' && ipfw pipe show 1 ; ipfw >> pipe show 2 >> 08381 11218 817225 pipe 1 tcp from any to any dst-port 80 uid daemon >> 08382 14434 16979213 pipe 2 tcp from any 80 to any uid daemon >> 00001: 1.000 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail >> mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 >> BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp >> 0 tcp 64.237.55.83/64730 69.10.58.25/80 11218 817225 0 0 0 >> 00002: 1.000 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail >> mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 >> BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp >> 0 tcp 69.10.58.25/80 64.237.55.83/64730 14434 16979213 0 0 10 >> su-4.2# >> >> as you see ipfw rules matches as count is increasing, yet pipe i'm not >> seeing any difference at all, its like it matched first time and >> that's it... >> >> yet pipe shows different output >> >> su-4.2# ipfw show | grep 'pipe 3' && ipfw pipe show 3 >> 03128 37483 71276160 pipe 3 tcp from any 3128 to any uid root >> 00003: 1.000 Mbit/s 0 ms 50 sl. 4 queues (64 buckets) droptail >> mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0c38 >> BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp >> 0 ip 0.0.0.0/0 0.0.0.0/1056 16 2383 0 0 0 >> 16 ip 0.0.0.0/0 0.0.0.0/1032 8 9398 0 0 0 >> 32 ip 0.0.0.0/0 0.0.0.0/2096 41 43167 0 0 0 >> 48 ip 0.0.0.0/0 0.0.0.0/56 2 7074 0 0 0 >> su-4.2# !! >> ipfw show | grep 'pipe 3' && ipfw pipe show 3 >> 03128 39285 74616912 pipe 3 tcp from any 3128 to any uid root >> 00003: 1.000 Mbit/s 0 ms 50 sl. 4 queues (64 buckets) droptail >> mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0c38 >> BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp >> 0 ip 0.0.0.0/0 0.0.0.0/1056 19 20651 0 0 0 >> 16 ip 0.0.0.0/0 0.0.0.0/1064 36 41781 0 0
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHu1Y73FgMRYBR2fQ-Jqnd00G%2ByNzCA-RL4JedNn69YH=RE-AQ>