I’m testing the classifier with an HTTPS download from a known server, so i set to download the file and create the rule:
MARK all opt — in * out * 0.0.0.0/0 -> 91.121.88.xxx MARK set 0x11
i assign it to my ETH00 interface as it’s DOWNSTREAM traffic, activate changes… 0 bits, whilst i’m downloading @200K, i see all the traffic goes to default shaper….
ok, so i change the rule to put the ip as SOURCE, same thing…
i loaded wireshark on my PC and it correctly shows the incoming IP as the originating one.
what am i doing wrong?
The other part not working is P2P control, i built rules:
* * MARK tcp opt — in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp spt:3827 MARK set 0xb P2PUL yes
5 * * MARK udp opt — in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp spt:3827 MARK set 0xb P2PUL no
6 * * MARK tcp opt — in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:3827 MARK set 0xc P2PDL no
7 * * MARK udp opt — in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:3827 MARK set 0xc P2PDL no
3827 is the TCP/UDP port my P2P app uses.
i put the P2PUL rules in the PPP0 IF, as they’re the “upload” ones with source port of 3827
then i put the P2PDL rules in the ETH0 with dst port 3827
theoretically this should work like a charm…
After some more fiddling i tested a rule and explicitly selected an interface for input and output and voila!, now it detects and works….
this is obviously a bug, because, for example, i want to limit IRC, instead of building a simple L7 classifier and assigning it to both interfaces now i have to create 2 rules and 2 classifiers for each direction(in ppp and out ppp) which sucks
addendum 1: more testing
i cannot limit P2P upload, i built a rule with source ip and source port:
4 * * MARK tcp opt — in * out * 192.168.2.9 -> 0.0.0.0/0 tcp spt:3827 MARK set 0xb P2PUL yes
it marks packets but WAAAAY below what it should, i mean, it’smarking 40kbits with a 40kbit max limit but on the emule side i see it happily uploading @80kbits….