From owner-freebsd-questions@FreeBSD.ORG Mon Sep 12 01:19:12 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 25C91106566B for ; Mon, 12 Sep 2011 01:19:12 +0000 (UTC) (envelope-from kudzu@tenebras.com) Received: from mail-wy0-f182.google.com (mail-wy0-f182.google.com [74.125.82.182]) by mx1.freebsd.org (Postfix) with ESMTP id A3AC48FC0C for ; Mon, 12 Sep 2011 01:19:11 +0000 (UTC) Received: by wyh15 with SMTP id 15so3816623wyh.13 for ; Sun, 11 Sep 2011 18:19:10 -0700 (PDT) MIME-Version: 1.0 Received: by 10.216.220.218 with SMTP id o68mr1785052wep.53.1315790350435; Sun, 11 Sep 2011 18:19:10 -0700 (PDT) Received: by 10.216.156.140 with HTTP; Sun, 11 Sep 2011 18:19:10 -0700 (PDT) In-Reply-To: References: <108373957.20110912012809@yandex.ru> Date: Sun, 11 Sep 2011 18:19:10 -0700 Message-ID: From: Michael Sierchio To: alexus Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: =?KOI8-R?B?68/O2MvP1yDl18fFzsnK?= , "freebsd-questions@freebsd.org" Subject: Re: traffic shaping freebsd X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 Sep 2011 01:19:12 -0000 amending my remark... UID matching is problematic. Why are you trying to classify packets based on that? On Sunday, September 11, 2011, Michael Sierchio wrote: > You don't seem to have any rules that match packets. This won't work. > > On Sunday, September 11, 2011, alexus wrote: >> su-4.2# grep pipe /etc/ipfw.rules >> pipe flush >> pipe 1 config bw 1Mbit/s mask dst-port www >> pipe 2 config bw 1Mbit/s mask src-port www >> pipe 3 config bw 1Mbit/s mask dst-port 3128 >> add 3128 pipe 3 tcp from any to any src-port 3128 uid root >> add 8381 pipe 1 tcp from any to any dst-port www uid daemon >> add 8382 pipe 2 tcp from any to any src-port www uid daemon >> su-4.2# >> >> >> su-4.2# ipfw show | grep -E 'pipe 1|pipe 2' && ipfw pipe show 1 ; ipfw >> pipe show 2 >> 08381 11190 815447 pipe 1 tcp from any to any dst-port 80 uid daemon >> 08382 14394 16926849 pipe 2 tcp from any 80 to any uid daemon >> 00001: 1.000 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail >> mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 >> BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp >> 0 tcp 64.237.55.83/64730 69.10.58.25/80 11190 815447 0 0 0 >> 00002: 1.000 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail >> mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 >> BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp >> 0 tcp 69.10.58.25/80 64.237.55.83/64730 14394 16926849 0 0 10 >> su-4.2# ipfw show | grep -E 'pipe 1|pipe 2' && ipfw pipe show 1 ; ipfw >> pipe show 2 >> 08381 11218 817225 pipe 1 tcp from any to any dst-port 80 uid daemon >> 08382 14434 16979213 pipe 2 tcp from any 80 to any uid daemon >> 00001: 1.000 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail >> mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 >> BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp >> 0 tcp 64.237.55.83/64730 69.10.58.25/80 11218 817225 0 0 0 >> 00002: 1.000 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail >> mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0000 >> BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp >> 0 tcp 69.10.58.25/80 64.237.55.83/64730 14434 16979213 0 0 10 >> su-4.2# >> >> as you see ipfw rules matches as count is increasing, yet pipe i'm not >> seeing any difference at all, its like it matched first time and >> that's it... >> >> yet pipe shows different output >> >> su-4.2# ipfw show | grep 'pipe 3' && ipfw pipe show 3 >> 03128 37483 71276160 pipe 3 tcp from any 3128 to any uid root >> 00003: 1.000 Mbit/s 0 ms 50 sl. 4 queues (64 buckets) droptail >> mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0c38 >> BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp >> 0 ip 0.0.0.0/0 0.0.0.0/1056 16 2383 0 0 0 >> 16 ip 0.0.0.0/0 0.0.0.0/1032 8 9398 0 0 0 >> 32 ip 0.0.0.0/0 0.0.0.0/2096 41 43167 0 0 0 >> 48 ip 0.0.0.0/0 0.0.0.0/56 2 7074 0 0 0 >> su-4.2# !! >> ipfw show | grep 'pipe 3' && ipfw pipe show 3 >> 03128 39285 74616912 pipe 3 tcp from any 3128 to any uid root >> 00003: 1.000 Mbit/s 0 ms 50 sl. 4 queues (64 buckets) droptail >> mask: 0x00 0x00000000/0x0000 -> 0x00000000/0x0c38 >> BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp >> 0 ip 0.0.0.0/0 0.0.0.0/1056 19 20651 0 0 0 >> 16 ip 0.0.0.0/0 0.0.0.0/1064 36 41781 0 0