Classifier not working correctly

Home Page Forums Network Management Firewall, Traffic Shaping and Net Balancer Classifier not working correctly

This topic contains 0 replies, has 0 voices, and was last updated by  Eliminateur 9 years ago.

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #42317

    Eliminateur
    Member

    I’m testing the classifier with an HTTPS download from a known server, so i set to download the file and create the rule:
    MARK all opt — in * out * 0.0.0.0/0 -> 91.121.88.xxx MARK set 0x11

    i assign it to my ETH00 interface as it’s DOWNSTREAM traffic, activate changes… 0 bits, whilst i’m downloading @200K, i see all the traffic goes to default shaper….
    ok, so i change the rule to put the ip as SOURCE, same thing…

    i loaded wireshark on my PC and it correctly shows the incoming IP as the originating one.

    what am i doing wrong?

    The other part not working is P2P control, i built rules:
    * * MARK tcp opt — in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp spt:3827 MARK set 0xb P2PUL yes
    5 * * MARK udp opt — in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp spt:3827 MARK set 0xb P2PUL no
    6 * * MARK tcp opt — in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:3827 MARK set 0xc P2PDL no
    7 * * MARK udp opt — in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:3827 MARK set 0xc P2PDL no

    3827 is the TCP/UDP port my P2P app uses.

    i put the P2PUL rules in the PPP0 IF, as they’re the “upload” ones with source port of 3827
    then i put the P2PDL rules in the ETH0 with dst port 3827
    theoretically this should work like a charm…

    very few packets marked…

    #49981

    Eliminateur
    Member

    After some more fiddling i tested a rule and explicitly selected an interface for input and output and voila!, now it detects and works….

    this is obviously a bug, because, for example, i want to limit IRC, instead of building a simple L7 classifier and assigning it to both interfaces now i have to create 2 rules and 2 classifiers for each direction(in ppp and out ppp) which sucks

    addendum 1: more testing
    i cannot limit P2P upload, i built a rule with source ip and source port:
    4 * * MARK tcp opt — in * out * 192.168.2.9 -> 0.0.0.0/0 tcp spt:3827 MARK set 0xb P2PUL yes

    it marks packets but WAAAAY below what it should, i mean, it’smarking 40kbits with a 40kbit max limit but on the emule side i see it happily uploading @80kbits….

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.