[plug] Software/Method Suggestions for Gateway

Craig Ringer craig at postnewspapers.com.au
Tue Apr 19 10:30:39 WST 2005


On Tue, 2005-04-19 at 09:29 +0800, Timothy White wrote:

> I'm looking for a way to 'shape' and prioritise traffic.

Check out the list archives, this has been discussed before. Keywords
and things to look into:
	WonderShaper, HTB, LART/LARTC, lartc.org, CBQ, tc

I rolled my own setup using HTB. It took aaages to get right, but worked
very well until I introduced an 802.11b interface on the gateway (which
now has three "internal" interfaces (two in regular use), and one
external one). I never got around to figuring out how to handle that.

If you can find a canned solution, I'd recommend using that.

> All the computers use LineControl to dialup so I can run a firewall
rule
> for each computer to give them access to the Internet when they say they
> are connected.
> The firewall rules will allow all computers on the network access to
> pop, imap, and smtp regardless of their LC state.

NFI about this LineControl stuff, though the firewall rules should be
simple if it doesn't entirely rewrite your iptables rules each time
something changes.

> But I need each computer to get an equal share of the bandwidth and also
> for traffic priotising to occur (so web browsing can continue while
> files are being downloaded, and so that mail (smtp,pop) also keep
> flowing while lots of people are using the net.
> Anybody know of a way to do this?

I just hardcoded the bandwidth shares for the number of hosts I had. Any
leftover is shared out, so it worked quite well even when only one or
two hosts were active. 

> 
> Also Dad wants to have a graphical tool that will allow him to view all
> connections from the LAN to the Internet, it needs to show destination,
> source, type, rate up/down, and if possible what service it is (ssh,
> http, imap, pop...) all in real time. Any suggestions?

apt-get install etherape

> All the connections are NATed or through the transparent Squid Proxy.

Etherape will handle NAT fine IIRC, but probably won't show transproxied
HTTP as "direct" between Internet host and internal host.

--
Craig Ringer




More information about the plug mailing list