[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Advanced traffic shaping with iptables?

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Advanced traffic shaping with iptables?
From: tor-op@xxxxxxxxxxxx
Date: Tue, 25 Sep 2007 20:41:52 -0400
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Tue, 25 Sep 2007 20:42:00 -0400
In-reply-to: <46F97E11.9050709@xxxxxxxx>
References: <46F8572C.8020500@xxxxxxxx> <20070925042428.GA15313@xxxxxxxxxxxxxxxxxxx> <46F97E11.9050709@xxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mutt/1.5.13 (2006-08-11)

Hi,

On Tue, Sep 25, 2007 at 11:30:57PM +0200, Linus L?ssing wrote:
> 
> >See http://archives.seul.org/or/talk/Aug-2007/msg00192.html
> >for such a script. I've not tested it myself, so YMMV.
> >
> >the documentation on trafic shaping under linux is here:
> >http://lartc.org/
> >
> Thanks man, this script looks pretty much the way, I've been looking 
> for. Yep, the syntax of iptables+tc is really confusing, I tried to go 
> through some tutorials before. But you seem to have posted a usefull 
> link, I'll have a look at it later.

It is probably a good start point.

> Can you also telle me, what the BOX_IP and TOR_IP-paramteters are good 
> for? It has nothing to do with my own IP-address, has it? Cause I've got 
> a dynamic one...

It looks like the script needs Tor to run on a virtual address.
This could be done by adding another address to your default interface

# ifconfig eth0:0 10.11.12.13

and use that address in your tor config.

You should probably contact the author directly if you have problem getting
that particular script to work. As for iptables or tc related questions,
they should probably be asked on their respective mailing-lists.

Regards


> 
> >I've a similar setup with a slightly better upload rate (64KB nominal) and
> >I don't use shaping at all. I've set up tor with 60KB/60KB bandwith limits
> >and find out they're ok.
> >The only real downside are online games (nexuiz) which suffers badly,
> >otherwise all other applications are ok.
> >
> >ciao
> 
> Hmm, for me, it doesn't seem to work. Talks with VoIP hangs badly, while 
> TOR is running too. I've always got to stop the process first (what is 
> really annoying, cause I've got to connect over SSH to my 
> mini-linux-server in the cellar first).
> >If you want bandwidth shaping, I'd suggest using pf (Open/FreeBSD) for
> >traffic shaping.
> >iptables + tc never did the job for me and it's the reason I tried pf in 
> >the
> >first place.
> >
> >Pf has incredibly legible syntax and reading the pf faq will get you up and
> >running in no time.
> Sounds good, but I don't want to move from Debian to Open/FreeBSD. I 
> would have to set up all the apps again...
> 
> 
> Thanks for the quick responses.
> Greetz, Linus
>

Attachment: pgpq76pOJv2w1.pgp
Description: PGP signature

Follow-Ups:
- Re: Advanced traffic shaping with iptables?
  - From: Marco Bonetti

References:
- Advanced traffic shaping with iptables?
  - From: Linus Lüssing
- Re: Advanced traffic shaping with iptables?
  - From: tor-op
- Re: Advanced traffic shaping with iptables?
  - From: Linus Lüssing

Prev by Author: Re: Advanced traffic shaping with iptables?
Next by Author: Filtering traffic from your node - for exit points
Previous by thread: Re: Advanced traffic shaping with iptables?
Next by thread: Re: Advanced traffic shaping with iptables?
Index(es):
- Author
- Thread