NSLU2-Linux
view · edit · print · history

HowTo.EnableTrafficShaping History

Hide minor edits - Show changes to markup

July 22, 2005, at 02:01 PM by tman -- Real quotation marks don't work in shellscripts. Restored.
Changed lines 1-2 from:

This howto describes, how to enable traffic-shaping for the NSLU2, so you can limit the rate of outgoing (and even incoming) network traffic. The howto is divided into several steps, for some of them you can either choose the “hard way” (i.e. doing all on your own), or the “easy way” (i.e. trusting my compilation-capabilities). So lets start...

to:

This howto describes, how to enable traffic-shaping for the NSLU2, so you can limit the rate of outgoing (and even incoming) network traffic. The howto is devided into several steps, for some of them you can either choose the "hard way" (i.e. doing all on your own), or the "easy way" (i.e. trusting my compilation-capabilities). So lets start...

Changed lines 5-6 from:

Unfortunately the kernels of the recent Unslung-3.x-releases do not support fair queueing, an essential part of the Linux traffic-shaper. So, we’ll have to activate some modules in Unslung’s kernel and compile it.

to:

Unfortunately the kernels of the recent Unslung-3.x-releases do not support fair queueing, an essential part of the Linux traffic-shaper. So, we'll have to activate some modules in Unslung's kernel and compile it.

Changed lines 14-15 from:
  • Modify openembedded/packages/linux/unslung-kernel-2.3r25/able/defconfig by appending:
to:
  • Modify openembedded/packages/linux/unslung-kernel-2.3r25/able/defconfig by appending:
Changed line 70 from:
  • build the unslung-images (“bb unslung-image”, again: read howto!)
to:
  • build the unslung-images ("bb unslung-image", again: read howto!)
Changed lines 77-78 from:

Flash the (compiled or downloaded) image-file “unslung-able-nslu2-XXXXXXXXXXXX.flashdisk.img” to your slug, following the README of the normal unslung-distribution until you finished to it’s very end, having completed all those reboots, unslings etc pp.

to:

Flash the (compiled or downloaded) image-file "unslung-able-nslu2-XXXXXXXXXXXX.flashdisk.img" to your slug, following the README of the normal unslung-distribution until you finished to it's very end, having completed all those reboots, unslings etc pp.

Changed lines 81-82 from:

The next step will be to copy the compiled kernel-modules to your slug. For this purpose, you have to create a directory named “/opt/lib/modules”. If you followed step 1.1, get the modules from http://nslu2.siddy.org/shaper/shaper_modules.tar.gz and untar them in “/opt/lib/modules”. If you followed step 1.2, copy the modules out of your build-tree. They can be found in the subdirectories of /your/base/dir/build/tmp/work/unslung-able-kernel-2.3r25-r7/install and you need the modules

to:

The next step will be to copy the compiled kernel-modules to your slug. For this purpose, you have to create a directory named "/opt/lib/modules". If you followed step 1.1, get the modules from http://nslu2.siddy.org/shaper/shaper_modules.tar.gz and untar them in "/opt/lib/modules". If you followed step 1.2, copy the modules out of your build-tree. They can be found in the subdirectories of /your/base/dir/build/tmp/work/unslung-able-kernel-2.3r25-r7/install and you need the modules

Changed line 127 from:

(okay, we don’t need all of them, but the more the better, right? ;) )

to:

(okay, we don't need all of them, but the more the better, right? ;) )

Changed lines 131-132 from:

To simplify the process of loading the required modules, let’s create a simple bash-script to do the work for us. So, create the file “/opt/sbin/load_shaper_modules”, chmod 755 it and paste the following content (removing the leading spaces, as usual...)

to:

To simplify the process of loading the required modules, let's create a simple bash-script to do the work for us. So, create the file "/opt/sbin/load_shaper_modules", chmod 755 it and paste the following content (removing the leading spaces, as usual...)

Changed lines 137-139 from:
 MODDIR=“/opt/lib/modules”
 INSMOD=“/sbin/insmod”
to:
 MODDIR="/opt/lib/modules"
 INSMOD="/sbin/insmod"
Changed lines 152-161 from:

Execute /opt/sbin/load_shaper_modules and hopefully don’t get any error-messages.

Step 5: Installing ‘iptables’

To install the iptables userspace-tool, simply do an “ipkg update; ipkg install iptables”.

Step 6: Installing ‘tc’

In this step, we’ll install the program named ‘tc’ (for “traffic control”). It is part of the standard iproute2-package, but unfortunately I failed to cross-compile iproute2 up to now, so there is no iproute2-ipk for the slug. So, here we go:

to:

Execute /opt/sbin/load_shaper_modules and hopefully don't get any error-messages.

Step 5: Installing 'iptables'

To install the iptables userspace-tool, simply do an "ipkg update; ipkg install iptables".

Step 6: Installing 'tc'

In this step, we'll install the program named 'tc' (for "traffic control"). It is part of the standard iproute2-package, but unfortunately I failed to cross-compile iproute2 up to now, so there is no iproute2-ipk for the slug. So, here we go:

Changed lines 164-165 from:

Get ‘tc’ from http://nslu2.siddy.org/shaper/tc.gz and gunzip it to /opt/sbin . Then make it executable by doing chmod +x /opt/sbin/tc.

to:

Get 'tc' from http://nslu2.siddy.org/shaper/tc.gz and gunzip it to /opt/sbin . Then make it executable by doing chmod +x /opt/sbin/tc.

Changed lines 168-169 from:

Get the source of iproute2 from http://developer.osdl.org/dev/iproute2/ and compile tc. It can be compiled using a native compiler (see corresponding howto) or cross-compilation (again...). Cross-compilation will probably fail somewhere at arpd, but that’s after tc, so who cares... ;-) So, somehow you will be able to get an arm-executable of tc and copy it to /opt/sbin.

to:

Get the source of iproute2 from http://developer.osdl.org/dev/iproute2/ and compile tc. It can be compiled using a native compiler (see corresponding howto) or cross-compilation (again...). Cross-compilation will probably fail somewhere at arpd, but that's after tc, so who cares... ;-) So, somehow you will be able to get an arm-executable of tc and copy it to /opt/sbin.

Changed lines 172-173 from:

We’re getting close to our goal now... it’s time to configure the traffic-shaper! If you are a real sadist, you can do it manually with the help of tc and iptables and some hours of man-page-reading. Or... just copy and paste someone else’s work (like I did). There are lots of scripts setting up a traffic-shaper out there (like wondershaper and others), so either you take the script of your choice or take the one of my choice and copy it to /opt/sbin/shaper :

to:

We're getting close to our goal now... it's time to configure the traffic-shaper! If you are a real sadist, you can do it manually with the help of tc and iptables and some hours of man-page-reading. Or... just copy and paste someone else's work (like I did). There are lots of scripts setting up a traffic-shaper out there (like wondershaper and others), so either you take the script of your choice or take the one of my choice and copy it to /opt/sbin/shaper :

Changed line 178 from:
 # myshaper–DSL/Cable modem outbound traffic shaper and prioritizer.
to:
 # myshaper - DSL/Cable modem outbound traffic shaper and prioritizer.
Changed line 184 from:
 # NOTE!!–This script assumes your kernel has been patched with the
to:
 # NOTE!! - This script assumes your kernel has been patched with the
Changed lines 192-193 from:
 #  DEV–set to ethX that connects to DSL/Cable Modem
 #  RATEUP–set this to slightly lower than your
to:
 #  DEV    - set to ethX that connects to DSL/Cable Modem
 #  RATEUP - set this to slightly lower than your
Changed lines 204-207 from:
 TC=“/opt/sbin/tc”
 IPTABLES=“/opt/sbin/iptables”
to:
 TC="/opt/sbin/tc"
 IPTABLES="/opt/sbin/iptables"
Changed line 212 from:
 if [ “$1” = “status” ]
to:
 if [ "$1" = "status" ]
Changed line 214 from:
         echo “[qdisc]”
to:
         echo "[qdisc]"
Changed line 216 from:
         echo “[class]”
to:
         echo "[class]"
Changed line 218 from:
         echo “[filter]”
to:
         echo "[filter]"
Changed line 220 from:
         echo “[iptables]”
to:
         echo "[iptables]"
Changed line 232 from:
 if [ “$1” = “stop” ]
to:
 if [ "$1" = "stop" ]
Changed line 234 from:
         echo “Shaping removed on $DEV.”
to:
         echo "Shaping removed on $DEV."
Changed lines 239-240 from:
 echo “Starting outbound shaping...”
to:
 echo "Starting outbound shaping..."
Changed line 255 from:
 # We grant each class at LEAST it’s “fair share”
to:
 # We grant each class at LEAST it's "fair share"
Changed line 293 from:
 # iptables later).  Note that above we’ve set the
to:
 # iptables later).  Note that above we've set the
Changed line 316 from:
 # this sets up the table we’ll use to filter and mark packets.
to:
 # this sets up the table we'll use to filter and mark packets.
Changed lines 326-327 from:
   —sport 0:1024 -j MARK —set-mark 23
to:
   --sport 0:1024 -j MARK --set-mark 23
Changed lines 330-331 from:
   —dport 0:1024 -j MARK —set-mark 23
to:
   --dport 0:1024 -j MARK --set-mark 23
Changed lines 334-336 from:
   —dport 20 -j MARK —set-mark 26

 # ICMP (ping)–high prio, impress friends
to:
   --dport 20 -j MARK --set-mark 26

 # ICMP (ping) - high prio, impress friends
Changed lines 338-339 from:
   -j MARK —set-mark 20
to:
   -j MARK --set-mark 20
Changed lines 342-343 from:
   -j MARK —set-mark 21
to:
   -j MARK --set-mark 21
Changed lines 346-347 from:
   —dport ssh -j MARK —set-mark 21
to:
   --dport ssh -j MARK --set-mark 21
Changed lines 350-351 from:
   —sport ssh -j MARK —set-mark 21
to:
   --sport ssh -j MARK --set-mark 21
Changed lines 354-355 from:
   —dport telnet -j MARK —set-mark 21
to:
   --dport telnet -j MARK --set-mark 21
Changed lines 358-359 from:
   —sport telnet -j MARK —set-mark 21
to:
   --sport telnet -j MARK --set-mark 21
Changed lines 362-363 from:
   —sport http -j MARK —set-mark 22
to:
   --sport http -j MARK --set-mark 22
Changed lines 366-367 from:
   —sport 10000 -j MARK —set-mark 22
to:
   --sport 10000 -j MARK --set-mark 22
Changed lines 370-371 from:
   -m length —length :64 -j MARK —set-mark 2
to:
   -m length --length :64 -j MARK --set-mark 2
Changed lines 374-375 from:
   —dst 192.168.1.1/24 -j MARK —set-mark 2 
to:
   --dst 192.168.1.1/24 -j MARK --set-mark 2 
Changed lines 378-379 from:
   —mark 0 -j MARK —set-mark 26
to:
   --mark 0 -j MARK --set-mark 26
Changed line 384 from:
 echo “Outbound shaping added to $DEV.  Rate: ${RATEUP}Kbit/sec.”
to:
 echo "Outbound shaping added to $DEV.  Rate: ${RATEUP}Kbit/sec."
Changed lines 387-390 from:

As usual, remove the leading spaces and take care of unwanted line-breaks... or simply get the script from http://nslu2.siddy.org/shaper/shaper.gz . Remember to make the script executable. You probably want to edit some variables in the script, especially “RATEUP” for the overall maximum upload-limit, and “MINCLASSRATE” for the minimal per-class rate. You might also want to change the iptables-mangle-rules to match your setup.

Now, execute “/opt/sbin/shaper start” and be happy if you do not see any error-messages! :-D

to:

As usual, remove the leading spaces and take care of unwanted line-breaks... or simply get the script from http://nslu2.siddy.org/shaper/shaper.gz . Remember to make the script executable. You probably want to edit some variables in the script, especially "RATEUP" for the overall maximum upload-limit, and "MINCLASSRATE" for the minimal per-class rate. You might also want to change the iptables-mangle-rules to match your setup.

Now, execute "/opt/sbin/shaper start" and be happy if you do not see any error-messages! :-D

Changed lines 393-394 from:

You probably want to start the traffic-shaper each time you boot your slug. For this purpose, simply create a script named “/opt/etc/init.d/S05shaper” (chmodded to 755) and paste something like

to:

You probably want to start the traffic-shaper each time you boot your slug. For this purpose, simply create a script named "/opt/etc/init.d/S05shaper" (chmodded to 755) and paste something like

Changed lines 404-405 from:

Well, that’s all! Your traffic-shaper should now be up and running! Easy going, wasn’t it?!

to:

Well, that's all! Your traffic-shaper should now be up and running! Easy going, wasn't it?!

Changed lines 408-409 from:

Oh... not to forget: I am not responsible if you break your slug by following this howto! This howto is just a documentation of what _I_ did to have traffic-shaping for my slug (with some shortcuts for you lazy guys). If it doesn’t work for you (and I do not know why it shouldn’t), it’s not my fault!

to:

Oh... not to forget: I am not responsible if you break your slug by following this howto! This howto is just a documentation of what _I_ did to have traffic-shaping for my slug (with some shortcuts for you lazy guys). If it doesn't work for you (and I do not know why it shouldn't), it's not my fault!

July 22, 2005, at 07:32 AM by DrS -- Typos
Changed lines 1-2 from:

This howto describes, how to enable traffic-shaping for the NSLU2, so you can limit the rate of outgoing (and even incoming) network traffic. The howto is devided into several steps, for some of them you can either choose the "hard way" (i.e. doing all on your own), or the "easy way" (i.e. trusting my compilation-capabilities). So lets start...

to:

This howto describes, how to enable traffic-shaping for the NSLU2, so you can limit the rate of outgoing (and even incoming) network traffic. The howto is divided into several steps, for some of them you can either choose the “hard way” (i.e. doing all on your own), or the “easy way” (i.e. trusting my compilation-capabilities). So lets start...

Changed lines 5-6 from:

Unfortunately the kernels of the recent Unslung-3.x-releases do not support fair queueing, an essential part of the Linux traffic-shaper. So, we'll have to activate some modules in Unslung's kernel and compile it.

to:

Unfortunately the kernels of the recent Unslung-3.x-releases do not support fair queueing, an essential part of the Linux traffic-shaper. So, we’ll have to activate some modules in Unslung’s kernel and compile it.

Changed line 70 from:
  • build the unslung-images ("bb unslung-image", again: read howto!)
to:
  • build the unslung-images (“bb unslung-image”, again: read howto!)
Changed lines 77-78 from:

Flash the (compiled or downloaded) image-file "unslung-able-nslu2-XXXXXXXXXXXX.flashdisk.img" to your slug, following the README of the normal unslung-distribution until you finished to it's very end, having completed all those reboots, unslings etc pp.

to:

Flash the (compiled or downloaded) image-file “unslung-able-nslu2-XXXXXXXXXXXX.flashdisk.img” to your slug, following the README of the normal unslung-distribution until you finished to it’s very end, having completed all those reboots, unslings etc pp.

Changed lines 81-82 from:

The next step will be to copy the compiled kernel-modules to your slug. For this purpose, you have to create a directory named "/opt/lib/modules". If you followed step 1.1, get the modules from http://nslu2.siddy.org/shaper/shaper_modules.tar.gz and untar them in "/opt/lib/modules". If you followed step 1.2, copy the modules out of your build-tree. They can be found in the subdirectories of /your/base/dir/build/tmp/work/unslung-able-kernel-2.3r25-r7/install and you need the modules

to:

The next step will be to copy the compiled kernel-modules to your slug. For this purpose, you have to create a directory named “/opt/lib/modules”. If you followed step 1.1, get the modules from http://nslu2.siddy.org/shaper/shaper_modules.tar.gz and untar them in “/opt/lib/modules”. If you followed step 1.2, copy the modules out of your build-tree. They can be found in the subdirectories of /your/base/dir/build/tmp/work/unslung-able-kernel-2.3r25-r7/install and you need the modules

Changed line 127 from:

(okay, we don't need all of them, but the more the better, right? ;) )

to:

(okay, we don’t need all of them, but the more the better, right? ;) )

Changed lines 131-132 from:

To simplify the process of loading the required modules, let's create a simple bash-script to do the work for us. So, create the file "/opt/sbin/load_shaper_modules", chmod 755 it and paste the following content (removing the leading spaces, as usual...)

to:

To simplify the process of loading the required modules, let’s create a simple bash-script to do the work for us. So, create the file “/opt/sbin/load_shaper_modules”, chmod 755 it and paste the following content (removing the leading spaces, as usual...)

Changed lines 137-139 from:
 MODDIR="/opt/lib/modules"
 INSMOD="/sbin/insmod"
to:
 MODDIR=“/opt/lib/modules”
 INSMOD=“/sbin/insmod”
Changed lines 152-161 from:

Execute /opt/sbin/load_shaper_modules and hopefully don't get any error-messages.

Step 5: Installing 'iptables'

To install the iptables userspace-tool, simply do an "ipkg update; ipkg install iptables".

Step 6: Installing 'tc'

In this step, we'll install the program named 'tc' (for "traffic control"). It is part of the standard iproute2-package, but unfortunately I failed to cross-compile iproute2 up to now, so there is no iproute2-ipk for the slug. So, here we go:

to:

Execute /opt/sbin/load_shaper_modules and hopefully don’t get any error-messages.

Step 5: Installing ‘iptables’

To install the iptables userspace-tool, simply do an “ipkg update; ipkg install iptables”.

Step 6: Installing ‘tc’

In this step, we’ll install the program named ‘tc’ (for “traffic control”). It is part of the standard iproute2-package, but unfortunately I failed to cross-compile iproute2 up to now, so there is no iproute2-ipk for the slug. So, here we go:

Changed lines 164-165 from:

Get 'tc' from http://nslu2.siddy.org/shaper/tc.gz and gunzip it to /opt/sbin . Then make it executable by doing chmod +x /opt/sbin/tc.

to:

Get ‘tc’ from http://nslu2.siddy.org/shaper/tc.gz and gunzip it to /opt/sbin . Then make it executable by doing chmod +x /opt/sbin/tc.

Changed lines 168-169 from:

Get the source of iproute2 from http://developer.osdl.org/dev/iproute2/ and compile tc. It can be compiled using a native compiler (see corresponding howto) or cross-compilation (again...). Cross-compilation will probably fail somewhere at arpd, but that's after tc, so who cares... ;-) So, somehow you will be able to get an arm-executable of tc and copy it to /opt/sbin.

to:

Get the source of iproute2 from http://developer.osdl.org/dev/iproute2/ and compile tc. It can be compiled using a native compiler (see corresponding howto) or cross-compilation (again...). Cross-compilation will probably fail somewhere at arpd, but that’s after tc, so who cares... ;-) So, somehow you will be able to get an arm-executable of tc and copy it to /opt/sbin.

Changed lines 172-173 from:

We're getting close to our goal now... it's time to configure the traffic-shaper! If you are a real sadist, you can do it manually with the help of tc and iptables and some hours of man-page-reading. Or... just copy and paste someone else's work (like I did). There are lots of scripts setting up a traffic-shaper out there (like wondershaper and others), so either you take the script of your choice or take the one of my choice and copy it to /opt/sbin/shaper :

to:

We’re getting close to our goal now... it’s time to configure the traffic-shaper! If you are a real sadist, you can do it manually with the help of tc and iptables and some hours of man-page-reading. Or... just copy and paste someone else’s work (like I did). There are lots of scripts setting up a traffic-shaper out there (like wondershaper and others), so either you take the script of your choice or take the one of my choice and copy it to /opt/sbin/shaper :

Changed line 178 from:
 # myshaper - DSL/Cable modem outbound traffic shaper and prioritizer.
to:
 # myshaper–DSL/Cable modem outbound traffic shaper and prioritizer.
Changed line 184 from:
 # NOTE!! - This script assumes your kernel has been patched with the
to:
 # NOTE!!–This script assumes your kernel has been patched with the
Changed lines 192-193 from:
 #  DEV    - set to ethX that connects to DSL/Cable Modem
 #  RATEUP - set this to slightly lower than your
to:
 #  DEV–set to ethX that connects to DSL/Cable Modem
 #  RATEUP–set this to slightly lower than your
Changed lines 204-207 from:
 TC="/opt/sbin/tc"
 IPTABLES="/opt/sbin/iptables"
to:
 TC=“/opt/sbin/tc”
 IPTABLES=“/opt/sbin/iptables”
Changed line 212 from:
 if [ "$1" = "status" ]
to:
 if [ “$1” = “status” ]
Changed line 214 from:
         echo "[qdisc]"
to:
         echo “[qdisc]”
Changed line 216 from:
         echo "[class]"
to:
         echo “[class]”
Changed line 218 from:
         echo "[filter]"
to:
         echo “[filter]”
Changed line 220 from:
         echo "[iptables]"
to:
         echo “[iptables]”
Changed line 232 from:
 if [ "$1" = "stop" ]
to:
 if [ “$1” = “stop” ]
Changed line 234 from:
         echo "Shaping removed on $DEV."
to:
         echo “Shaping removed on $DEV.”
Changed lines 239-240 from:
 echo "Starting outbound shaping..."
to:
 echo “Starting outbound shaping...”
Changed line 255 from:
 # We grant each class at LEAST it's "fair share"
to:
 # We grant each class at LEAST it’s “fair share”
Changed line 293 from:
 # iptables later).  Note that above we've set the
to:
 # iptables later).  Note that above we’ve set the
Changed line 316 from:
 # this sets up the table we'll use to filter and mark packets.
to:
 # this sets up the table we’ll use to filter and mark packets.
Changed lines 326-327 from:
   --sport 0:1024 -j MARK --set-mark 23
to:
   —sport 0:1024 -j MARK —set-mark 23
Changed lines 330-331 from:
   --dport 0:1024 -j MARK --set-mark 23
to:
   —dport 0:1024 -j MARK —set-mark 23
Changed lines 334-336 from:
   --dport 20 -j MARK --set-mark 26

 # ICMP (ping) - high prio, impress friends
to:
   —dport 20 -j MARK —set-mark 26

 # ICMP (ping)–high prio, impress friends
Changed lines 338-339 from:
   -j MARK --set-mark 20
to:
   -j MARK —set-mark 20
Changed lines 342-343 from:
   -j MARK --set-mark 21
to:
   -j MARK —set-mark 21
Changed lines 346-347 from:
   --dport ssh -j MARK --set-mark 21
to:
   —dport ssh -j MARK —set-mark 21
Changed lines 350-351 from:
   --sport ssh -j MARK --set-mark 21
to:
   —sport ssh -j MARK —set-mark 21
Changed lines 354-355 from:
   --dport telnet -j MARK --set-mark 21
to:
   —dport telnet -j MARK —set-mark 21
Changed lines 358-359 from:
   --sport telnet -j MARK --set-mark 21
to:
   —sport telnet -j MARK —set-mark 21
Changed lines 362-363 from:
   --sport http -j MARK --set-mark 22
to:
   —sport http -j MARK —set-mark 22
Changed lines 366-367 from:
   --sport 10000 -j MARK --set-mark 22
to:
   —sport 10000 -j MARK —set-mark 22
Changed lines 370-371 from:
   -m length --length :64 -j MARK --set-mark 2
to:
   -m length —length :64 -j MARK —set-mark 2
Changed lines 374-375 from:
   --dst 192.168.1.1/24 -j MARK --set-mark 2 
to:
   —dst 192.168.1.1/24 -j MARK —set-mark 2 
Changed lines 378-379 from:
   --mark 0 -j MARK --set-mark 26
to:
   —mark 0 -j MARK —set-mark 26
Changed line 384 from:
 echo "Outbound shaping added to $DEV.  Rate: ${RATEUP}Kbit/sec."
to:
 echo “Outbound shaping added to $DEV.  Rate: ${RATEUP}Kbit/sec.”
Changed lines 387-390 from:

As usual, remove the leading spaces and take care of unwanted line-breaks... or simply get the script from http://nslu2.siddy.org/shaper/shaper.gz . Remember to make the script executable. You probably want to edit some variables in the script, especially "RATEUP" for the overall maximum upload-limit, and "MINCLASSRATE" for the minimal per-class rate. You might also want to change the iptables-mangle-rules to match your setup.

Now, execute "/opt/sbin/shaper start" and be happy if you do not see any error-messages! :-D

to:

As usual, remove the leading spaces and take care of unwanted line-breaks... or simply get the script from http://nslu2.siddy.org/shaper/shaper.gz . Remember to make the script executable. You probably want to edit some variables in the script, especially “RATEUP” for the overall maximum upload-limit, and “MINCLASSRATE” for the minimal per-class rate. You might also want to change the iptables-mangle-rules to match your setup.

Now, execute “/opt/sbin/shaper start” and be happy if you do not see any error-messages! :-D

Changed lines 393-394 from:

You probably want to start the traffic-shaper each time you boot your slug. For this purpose, simply create a script named "/opt/etc/init.d/S05shaper" (chmodded to 755) and paste something like

to:

You probably want to start the traffic-shaper each time you boot your slug. For this purpose, simply create a script named “/opt/etc/init.d/S05shaper” (chmodded to 755) and paste something like

Changed lines 404-405 from:

Well, that's all! Your traffic-shaper should now be up and running! Easy going, wasn't it?!

to:

Well, that’s all! Your traffic-shaper should now be up and running! Easy going, wasn’t it?!

Changed lines 408-409 from:

Oh... not to forget: I am not responsible if you break your slug by following this howto! This howto is just a documentation of what _I_ did to have traffic-shaping for my slug (with some shortcuts for you lazy guys). If it doesn't work for you (and I do not know why it shouldn't), it's not my fault!

to:

Oh... not to forget: I am not responsible if you break your slug by following this howto! This howto is just a documentation of what _I_ did to have traffic-shaping for my slug (with some shortcuts for you lazy guys). If it doesn’t work for you (and I do not know why it shouldn’t), it’s not my fault!

June 21, 2005, at 02:00 AM by tman --
Changed lines 14-15 from:
  • Modify openembedded/packages/linux/unslung-kernel-2.3r25/able/defconfig by appending:
to:
  • Modify openembedded/packages/linux/unslung-kernel-2.3r25/able/defconfig by appending:
June 21, 2005, at 01:59 AM by tman --
Changed lines 14-17 from:
  • Modify openembedded/packages/linux/unslung-kernel-2.3r25/able/defconfig:

    append
to:
  • Modify openembedded/packages/linux/unslung-kernel-2.3r25/able/defconfig by appending:
June 20, 2005, at 06:00 PM by tman --
Changed lines 3-4 from:

Step 1: The Kernel

to:

Step 1: The Kernel

Changed lines 7-12 from:

1.1 The easy way

Get the Siddy provided flash-image with activated fair-queuing and gunzip it. MD5? of the gunzipped image must be f6dd6036d0037e629b20519a0d17f5dc.

1.2 The hard way

to:

1.1 The easy way

Get the Siddy provided flash-image with activated fair-queuing and gunzip it. The MD5 hash of the gunzipped image must be f6dd6036d0037e629b20519a0d17f5dc.

1.2 The hard way

Changed lines 14-15 from:
  • Modify openembedded/packages/linux/unslung-kernel-2.3r25/able/defconfig :\\
to:
  • Modify openembedded/packages/linux/unslung-kernel-2.3r25/able/defconfig:
    \\
Added line 17:
Changed lines 77-78 from:

Step 2: Flashing

to:

Step 2: Flashing

Changed lines 81-82 from:

Step 3: Installing the modules

to:

Step 3: Installing the modules

Changed lines 131-132 from:

Step 4: Loading the modules

to:

Step 4: Loading the modules

Changed lines 156-157 from:

Step 5: Installing 'iptables'

to:

Step 5: Installing 'iptables'

Changed lines 160-161 from:

Step 6: Installing 'tc'

to:

Step 6: Installing 'tc'

Changed lines 164-165 from:

Step 6.1: The easy way

to:

Step 6.1: The easy way

Changed lines 168-169 from:

Step 6.2: The hard way

to:

Step 6.2: The hard way

Changed lines 172-173 from:

Step 7: Install shaper-script

to:

Step 7: Install shaper-script

Changed line 297 from:
 # (or packets marked with unfamiliar IDs?) will be
to:
 # (or packets marked with unfamiliar IDs) will be
Changed lines 393-394 from:

Step 8: Create init.d-script

to:

Step 8: Create init.d-script

Changed line 412 from:

Siddy (sidddy _at_ gmail.com)

to:

Siddy (sidddy _at_ gmail.com)

June 20, 2005, at 05:57 PM by tman --
Changed lines 5-6 from:

Unfortunately the kernels of the recent Unslung-3.x-releases do not support fair queueing, an essential part of linux' traffic-shaper. So, we'll have to activate some modules in Unlung's kernel and compile it.

to:

Unfortunately the kernels of the recent Unslung-3.x-releases do not support fair queueing, an essential part of the Linux traffic-shaper. So, we'll have to activate some modules in Unslung's kernel and compile it.

Changed lines 9-10 from:

Get the flash-image with activated fair-queuing from http://nslu2.siddy.org/shaper/unslung-able-nslu2-20050106151207.flashdisk.img.gz and gunzip it. MD5? of the gunzipped image must be f6dd6036d0037e629b20519a0d17f5dc.

to:

Get the Siddy provided flash-image with activated fair-queuing and gunzip it. MD5? of the gunzipped image must be f6dd6036d0037e629b20519a0d17f5dc.

Changed lines 13-14 from:
  • get bitbake + openembedded trees (see corresponding howto)
  • modify openembedded/packages/linux/unslung-kernel-2.3r25/able/defconfig :\\
to:
  • Get bitbake + openembedded trees (see corresponding howto)
  • Modify openembedded/packages/linux/unslung-kernel-2.3r25/able/defconfig :\\
Added line 67:
Added line 69:
Deleted lines 74-75:
Changed lines 227-228 from:
 $IPTABLES -t mangle -D POSTROUTING -o $DEV -j MYSHAPER-OUT 2> /dev/null > /dev/null
to:
 $IPTABLES -t mangle -D POSTROUTING -o $DEV \
    -j MYSHAPER-OUT 2> /dev/null > /dev/null
Changed lines 253-257 from:
 # add leaf classes - We grant each class at LEAST it's "fair share" of bandwidth.
 #                    this way no class will ever be starved by another class.  Each
 #                    class is also permitted to consume all of the available bandwidth
 #                    if no other classes are in use.
to:
 # add leaf classes
 #
 # We grant each class at LEAST it's "fair share"
 # of bandwidth. this way no class will ever be
 # starved by another class.  Each class is also
 # permitted to consume all of the available bandwidth
 # if no other classes are in use.
Changed lines 262-271 from:
 $TC class add dev $DEV parent 1:1 classid 1:20 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 0
 $TC class add dev $DEV parent 1:1 classid 1:21 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 1
 $TC class add dev $DEV parent 1:1 classid 1:22 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 2
 $TC class add dev $DEV parent 1:1 classid 1:23 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 3
 $TC class add dev $DEV parent 1:1 classid 1:24 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 4
 $TC class add dev $DEV parent 1:1 classid 1:25 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 5
 $TC class add dev $DEV parent 1:1 classid 1:26 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 6

 # attach qdisc to leaf classes - here we at SFQ to each priority class.  SFQ insures that
 #                                within each class connections will be treated (almost) fairly.
to:
 $TC class add dev $DEV parent 1:1 classid 1:20 htb \
   rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 0
 $TC class add dev $DEV parent 1:1 classid 1:21 htb \
   rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 1
 $TC class add dev $DEV parent 1:1 classid 1:22 htb \
   rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 2
 $TC class add dev $DEV parent 1:1 classid 1:23 htb \
   rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 3
 $TC class add dev $DEV parent 1:1 classid 1:24 htb \
   rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 4
 $TC class add dev $DEV parent 1:1 classid 1:25 htb \
  rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 5
 $TC class add dev $DEV parent 1:1 classid 1:26 htb \
  rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 6

 # attach qdisc to leaf classes
 # here we at SFQ to each priority class.  SFQ insures
 # that within each class connections will be treated
 # (almost) fairly.
Changed lines 289-326 from:
 # filter traffic into classes by fwmark - here we direct traffic into priority class according to
 #                                         the fwmark set on the packet (we set fwmark with iptables
 #                                         later).  Note that above we've set the default priority
 #                                         class to 1:26 so unmarked packets (or packets marked with
 #                                         unfamiliar IDs?) will be defaulted to the lowest priority
 #                                         class.
 $TC filter add dev $DEV parent 1:0 prio 0 protocol ip handle 20 fw flowid 1:20
 $TC filter add dev $DEV parent 1:0 prio 0 protocol ip handle 21 fw flowid 1:21
 $TC filter add dev $DEV parent 1:0 prio 0 protocol ip handle 22 fw flowid 1:22
 $TC filter add dev $DEV parent 1:0 prio 0 protocol ip handle 23 fw flowid 1:23
 $TC filter add dev $DEV parent 1:0 prio 0 protocol ip handle 24 fw flowid 1:24
 $TC filter add dev $DEV parent 1:0 prio 0 protocol ip handle 25 fw flowid 1:25
 $TC filter add dev $DEV parent 1:0 prio 0 protocol ip handle 26 fw flowid 1:26
 $TC filter add dev $DEV parent 1:0 prio 0 protocol ip handle 2 fw flowid 1:2

 # add MYSHAPER-OUT chain to the mangle table in iptables - this sets up the table we'll use
 #                                                      to filter and mark packets.
 $IPTABLES -t mangle -N MYSHAPER-OUT
 $IPTABLES -t mangle -I POSTROUTING -o $DEV -j MYSHAPER-OUT

 # add fwmark entries to classify different types of traffic - Set fwmark from 20-26 according to
 #                                                             desired class. 20 is highest prio.
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp --sport 0:1024 -j MARK --set-mark 23 # Default for low port traffic
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp --dport 0:1024 -j MARK --set-mark 23 # ""
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp --dport 20 -j MARK --set-mark 26     # ftp-data port, low prio
 $IPTABLES -t mangle -A MYSHAPER-OUT -p icmp -j MARK --set-mark 20               # ICMP (ping) - high prio, impress friends
 $IPTABLES -t mangle -A MYSHAPER-OUT -p udp -j MARK --set-mark 21                # DNS name resolution (small packets)
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp --dport ssh -j MARK --set-mark 21    # secure shell
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp --sport ssh -j MARK --set-mark 21    # secure shell
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp --dport telnet -j MARK --set-mark 21 # telnet (ew...)
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp --sport telnet -j MARK --set-mark 21 # telnet (ew...)
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp --sport http -j MARK --set-mark 22   # Local web server
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp --sport 10000 -j MARK --set-mark 22  # https
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp -m length --length :64 -j MARK --set-mark 2 # small packets (probably just ACKs?)
 $IPTABLES -t mangle -A MYSHAPER-OUT -p all --dst 192.168.1.1/24 -j MARK --set-mark 2 # hyper-speed for local traffic
 $IPTABLES -t mangle -A MYSHAPER-OUT -m mark --mark 0 -j MARK --set-mark 26      # redundant- mark any unmarked packets as 26 (low prio)

 # Done with outbound shaping
to:
 # filter traffic into classes by fwmark
Added lines 291-381:
 # here we direct traffic into priority class according
 # to the fwmark set on the packet (we set fwmark with
 # iptables later).  Note that above we've set the
 # default priority class to 1:26 so unmarked packets
 # (or packets marked with unfamiliar IDs?) will be
 # defaulted to the lowest priority class.
 $TC filter add dev $DEV parent 1:0 prio 0 \
   protocol ip handle 20 fw flowid 1:20
 $TC filter add dev $DEV parent 1:0 prio 0 \
   protocol ip handle 21 fw flowid 1:21
 $TC filter add dev $DEV parent 1:0 prio 0 \
   protocol ip handle 22 fw flowid 1:22
 $TC filter add dev $DEV parent 1:0 prio 0 \
   protocol ip handle 23 fw flowid 1:23
 $TC filter add dev $DEV parent 1:0 prio 0 \
   protocol ip handle 24 fw flowid 1:24
 $TC filter add dev $DEV parent 1:0 prio 0 \
   protocol ip handle 25 fw flowid 1:25
 $TC filter add dev $DEV parent 1:0 prio 0 \
   protocol ip handle 26 fw flowid 1:26
 $TC filter add dev $DEV parent 1:0 prio 0 \
   protocol ip handle 2 fw flowid 1:2

 # add MYSHAPER-OUT chain to the mangle table in iptables
 #
 # this sets up the table we'll use to filter and mark packets.
 $IPTABLES -t mangle -N MYSHAPER-OUT
 $IPTABLES -t mangle -I POSTROUTING -o $DEV -j MYSHAPER-OUT

 # add fwmark entries to classify different types of traffic
 #
 # Set fwmark from 20-26 according to desired class. 20 is highest prio.

 # Default for low port traffic
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp \
   --sport 0:1024 -j MARK --set-mark 23

 # Default for low port traffic
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp \
   --dport 0:1024 -j MARK --set-mark 23

 # ftp-data port, low prio
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp \
   --dport 20 -j MARK --set-mark 26

 # ICMP (ping) - high prio, impress friends
 $IPTABLES -t mangle -A MYSHAPER-OUT -p icmp \
   -j MARK --set-mark 20

 # DNS name resolution (small packets)
 $IPTABLES -t mangle -A MYSHAPER-OUT -p udp \
   -j MARK --set-mark 21

 # secure shell
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp \
   --dport ssh -j MARK --set-mark 21

 # secure shell
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp \
   --sport ssh -j MARK --set-mark 21

 # telnet (ew...)
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp \
   --dport telnet -j MARK --set-mark 21

 # telnet (ew...)
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp \
   --sport telnet -j MARK --set-mark 21

 # Local web server
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp \
   --sport http -j MARK --set-mark 22

 # https
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp \
   --sport 10000 -j MARK --set-mark 22

 # small packets (probably just ACKs)
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp \
   -m length --length :64 -j MARK --set-mark 2

 # hyper-speed for local traffic
 $IPTABLES -t mangle -A MYSHAPER-OUT -p all \
   --dst 192.168.1.1/24 -j MARK --set-mark 2 

 # redundant- mark any unmarked packets as 26 (low prio)
 $IPTABLES -t mangle -A MYSHAPER-OUT -m mark \
   --mark 0 -j MARK --set-mark 26

 # Done with outbound shaping
 #
Deleted line 384:
Deleted line 390:
Added line 401:
Changed lines 408-409 from:

Oh... not to forget: I am not responsible if you break your slug by following this howto! This howto is just a documentation of what _I_ did to have traffic-shaping for my slug (with some shortcuts for you lazy guys). If it doesn't work for you ( and I do not know why it shouldn't), it's not my fault!

to:

Oh... not to forget: I am not responsible if you break your slug by following this howto! This howto is just a documentation of what _I_ did to have traffic-shaping for my slug (with some shortcuts for you lazy guys). If it doesn't work for you (and I do not know why it shouldn't), it's not my fault!

March 22, 2005, at 04:31 PM by bobtm --
Changed line 5 from:

Unfortunately the kernels of the recent Unslung-3.x-releases do not support fair queueing, an essential part of linux' traffic-shaper. So, we'll have to activate some modules in Unlung's kernel and compile it.

to:

Unfortunately the kernels of the recent Unslung-3.x-releases do not support fair queueing, an essential part of linux' traffic-shaper. So, we'll have to activate some modules in Unlung's kernel and compile it.

Changed line 164 from:

Get 'tc' from http://nslu2.siddy.org/shaper/tc.gz and gunzip it to /opt/sbin

to:

Get 'tc' from http://nslu2.siddy.org/shaper/tc.gz and gunzip it to /opt/sbin . Then make it executable by doing chmod +x /opt/sbin/tc.

Changed lines 311-312 from:
 $IPTABLES -t mangle -A MYSHAPER-OUT -m mark --mark 0 -j MARK --set-mark 26      # redundant- mark any unmarked packets as 26 (low
 prio)
to:
 $IPTABLES -t mangle -A MYSHAPER-OUT -m mark --mark 0 -j MARK --set-mark 26      # redundant- mark any unmarked packets as 26 (low prio)
Changed line 321 from:

As usual, remove the leading spaces and take care of unwanted line-breaks... or simply get the script from http://nslu2.siddy.org/shaper/shaper.gz . You probably want to edit some variables in the script, especially "RATEUP" for the overall maximum upload-limit, and "MINCLASSRATE" for the minimal per-class rate. You might also want to change the iptables-mangle-rules to match your setup.

to:

As usual, remove the leading spaces and take care of unwanted line-breaks... or simply get the script from http://nslu2.siddy.org/shaper/shaper.gz . Remember to make the script executable. You probably want to edit some variables in the script, especially "RATEUP" for the overall maximum upload-limit, and "MINCLASSRATE" for the minimal per-class rate. You might also want to change the iptables-mangle-rules to match your setup.

January 10, 2005, at 11:14 PM by bobtm --
Added lines 69-72:
  • If you have already built an image using that installation, you must first do (in order for the modules to be rebuilt):
    • rm -rf ${OEBUILD}/tmp/work/unslung-*-kernel*
    • rm -rf ${OEBUILD}/tmp/stamps/unslung-*-kernel*
January 10, 2005, at 07:55 PM by Siddy --
Added line 178:
 # Edited by Siddy
Changed lines 197-198 from:
 RATEUP=110
 MINCLASSRATE=15 # should be RATEUP/7
to:
 RATEUP=100
 MINCLASSRATE=14 # should be RATEUP/7
Changed lines 243-244 from:
 # add main rate limit classes
 $TC class add dev $DEV parent 1: classid 1:1 htb rate 100mbit
to:
 # add main rate limit class
 $TC class add dev $DEV parent 1: classid 1:1 htb rate ${RATEUP}kbit
 # class for local traffic
 $TC class add dev $DEV parent 1: classid 1:2 htb rate 100mbit
Deleted lines 252-254:
 ## class for unshaped traffic, full rate!!
 $TC class add dev $DEV parent 1:1 classid 1:19 htb rate 100mbit prio 0
Deleted line 277:
 $TC filter add dev $DEV parent 1:0 prio 0 protocol ip handle 19 fw flowid 1:19
Added line 285:
 $TC filter add dev $DEV parent 1:0 prio 0 protocol ip handle 2 fw flowid 1:2
Changed lines 305-307 from:
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp -m length --length :64 -j MARK --set-mark 19 # small packets (probably just ACKs?)
 $IPTABLES -t mangle -A MYSHAPER-OUT -p all --dst 192.168.1.1/24 -j MARK --set-mark 19 # hyper-speed for local traffic
 $IPTABLES -t mangle -A MYSHAPER-OUT -m mark --mark 0 -j MARK --set-mark 26      # redundant- mark any unmarked packets as 26 (low prio)
to:
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp -m length --length :64 -j MARK --set-mark 2 # small packets (probably just ACKs?)
 $IPTABLES -t mangle -A MYSHAPER-OUT -p all --dst 192.168.1.1/24 -j MARK --set-mark 2 # hyper-speed for local traffic
 $IPTABLES -t mangle -A MYSHAPER-OUT -m mark --mark 0 -j MARK --set-mark 26      # redundant- mark any unmarked packets as 26 (low
 prio)
January 10, 2005, at 04:20 PM by Siddy --
Changed line 5 from:

Unfortunately the kernel of the recent Unslung-3.x-releases do not support fair queueing, an essential part of linux' traffic-shaper. So, we'll have to activate some modules in Unlung's kernel and compile it.

to:

Unfortunately the kernels of the recent Unslung-3.x-releases do not support fair queueing, an essential part of linux' traffic-shaper. So, we'll have to activate some modules in Unlung's kernel and compile it.

January 10, 2005, at 04:15 PM by Siddy --
Changed line 9 from:

Get the flash-image with activated fair-queuing from ???. Don't forget to gunzip it. MD5? of the gunzipped image must be f6dd6036d0037e629b20519a0d17f5dc.

to:

Get the flash-image with activated fair-queuing from http://nslu2.siddy.org/shaper/unslung-able-nslu2-20050106151207.flashdisk.img.gz and gunzip it. MD5? of the gunzipped image must be f6dd6036d0037e629b20519a0d17f5dc.

Changed line 77 from:

The next step will be to copy the compiled kernel-modules to your slug. For this purpose, you have to create a directory named "/opt/lib/modules". If you followed step 1.1, get the modules from ??? and untar them in "/opt/lib/modules". If you followed step 1.2, copy the modules out of your build-tree. They can be found in the subdirectories of /your/base/dir/build/tmp/work/unslung-able-kernel-2.3r25-r7/install and you need the modules

to:

The next step will be to copy the compiled kernel-modules to your slug. For this purpose, you have to create a directory named "/opt/lib/modules". If you followed step 1.1, get the modules from http://nslu2.siddy.org/shaper/shaper_modules.tar.gz and untar them in "/opt/lib/modules". If you followed step 1.2, copy the modules out of your build-tree. They can be found in the subdirectories of /your/base/dir/build/tmp/work/unslung-able-kernel-2.3r25-r7/install and you need the modules

Changed line 160 from:

Get 'tc' from ??? and gunzip it to /opt/sbin

to:

Get 'tc' from http://nslu2.siddy.org/shaper/tc.gz and gunzip it to /opt/sbin

Changed line 317 from:

As usual, remove the leading spaces and take care of unwanted line-breaks... or simply get the script from ??? . You probably want to edit some variables in the script, especially "RATEUP" for the overall maximum upload-limit, and "MINCLASSRATE" for the minimal per-class rate. You might also want to change the iptables-mangle-rules to match your setup.

to:

As usual, remove the leading spaces and take care of unwanted line-breaks... or simply get the script from http://nslu2.siddy.org/shaper/shaper.gz . You probably want to edit some variables in the script, especially "RATEUP" for the overall maximum upload-limit, and "MINCLASSRATE" for the minimal per-class rate. You might also want to change the iptables-mangle-rules to match your setup.

Changed line 336 from:

If you do have any problems or suggestions, found an error or wanna flame me, just email/irc/whatever me.

to:

If you do have any problems or suggestions, found an error or wanna flame me, just contact me via email/irc/whatever.

January 10, 2005, at 03:49 PM by Siddy --
Changed line 160 from:

Get 'tc' from ??? and untar it to /opt/sbin

to:

Get 'tc' from ??? and gunzip it to /opt/sbin

Changed line 338 from:

Oh... not to forget: I am not responsible if you break your slug by following this howto! This howto is just a documentation of what _I_ did to have traffic-shaping for my slug (with some shortcuts for you lazy guys), if it doesn't work for you ( and I do not know why it shouldn't), it's not my fault!

to:

Oh... not to forget: I am not responsible if you break your slug by following this howto! This howto is just a documentation of what _I_ did to have traffic-shaping for my slug (with some shortcuts for you lazy guys). If it doesn't work for you ( and I do not know why it shouldn't), it's not my fault!

January 10, 2005, at 03:45 PM by Siddy --
Deleted line 177:
 # Modified by sidddy@gmail.com
Added lines 199-202:
 TC="/opt/sbin/tc"
 IPTABLES="/opt/sbin/iptables"
Changed line 210 from:
         tc -s qdisc show dev $DEV
to:
         $TC -s qdisc show dev $DEV
Changed line 212 from:
         tc -s class show dev $DEV
to:
         $TC -s class show dev $DEV
Changed line 214 from:
         tc -s filter show dev $DEV
to:
         $TC -s filter show dev $DEV
Changed line 216 from:
         iptables -t mangle -L MYSHAPER-OUT -v -x 2> /dev/null
to:
         $IPTABLES -t mangle -L MYSHAPER-OUT -v -x 2> /dev/null
Changed lines 221-224 from:
 tc qdisc del dev $DEV root    2> /dev/null > /dev/null
 iptables -t mangle -D POSTROUTING -o $DEV -j MYSHAPER-OUT 2> /dev/null > /dev/null
 iptables -t mangle -F MYSHAPER-OUT 2> /dev/null > /dev/null
 iptables -t mangle -X MYSHAPER-OUT 2> /dev/null > /dev/null
to:
 $TC qdisc del dev $DEV root    2> /dev/null > /dev/null
 $IPTABLES -t mangle -D POSTROUTING -o $DEV -j MYSHAPER-OUT 2> /dev/null > /dev/null
 $IPTABLES -t mangle -F MYSHAPER-OUT 2> /dev/null > /dev/null
 $IPTABLES -t mangle -X MYSHAPER-OUT 2> /dev/null > /dev/null
Changed line 240 from:
 tc qdisc add dev $DEV root handle 1: htb default 26
to:
 $TC qdisc add dev $DEV root handle 1: htb default 26
Changed line 243 from:
 tc class add dev $DEV parent 1: classid 1:1 htb rate 100mbit
to:
 $TC class add dev $DEV parent 1: classid 1:1 htb rate 100mbit
Changed line 251 from:
 tc class add dev $DEV parent 1:1 classid 1:19 htb rate 100mbit prio 0
to:
 $TC class add dev $DEV parent 1:1 classid 1:19 htb rate 100mbit prio 0
Changed lines 254-260 from:
 tc class add dev $DEV parent 1:1 classid 1:20 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 0
 tc class add dev $DEV parent 1:1 classid 1:21 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 1
 tc class add dev $DEV parent 1:1 classid 1:22 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 2
 tc class add dev $DEV parent 1:1 classid 1:23 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 3
 tc class add dev $DEV parent 1:1 classid 1:24 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 4
 tc class add dev $DEV parent 1:1 classid 1:25 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 5
 tc class add dev $DEV parent 1:1 classid 1:26 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 6
to:
 $TC class add dev $DEV parent 1:1 classid 1:20 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 0
 $TC class add dev $DEV parent 1:1 classid 1:21 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 1
 $TC class add dev $DEV parent 1:1 classid 1:22 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 2
 $TC class add dev $DEV parent 1:1 classid 1:23 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 3
 $TC class add dev $DEV parent 1:1 classid 1:24 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 4
 $TC class add dev $DEV parent 1:1 classid 1:25 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 5
 $TC class add dev $DEV parent 1:1 classid 1:26 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 6
Changed lines 264-270 from:
 tc qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 10
 tc qdisc add dev $DEV parent 1:21 handle 21: sfq perturb 10
 tc qdisc add dev $DEV parent 1:22 handle 22: sfq perturb 10
 tc qdisc add dev $DEV parent 1:23 handle 23: sfq perturb 10
 tc qdisc add dev $DEV parent 1:24 handle 24: sfq perturb 10
 tc qdisc add dev $DEV parent 1:25 handle 25: sfq perturb 10
 tc qdisc add dev $DEV parent 1:26 handle 26: sfq perturb 10
to:
 $TC qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 10
 $TC qdisc add dev $DEV parent 1:21 handle 21: sfq perturb 10
 $TC qdisc add dev $DEV parent 1:22 handle 22: sfq perturb 10
 $TC qdisc add dev $DEV parent 1:23 handle 23: sfq perturb 10
 $TC qdisc add dev $DEV parent 1:24 handle 24: sfq perturb 10
 $TC qdisc add dev $DEV parent 1:25 handle 25: sfq perturb 10
 $TC qdisc add dev $DEV parent 1:26 handle 26: sfq perturb 10
Changed lines 278-285 from:
 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 19 fw flowid 1:19
 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 20 fw flowid 1:20
 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 21 fw flowid 1:21
 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 22 fw flowid 1:22
 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 23 fw flowid 1:23
 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 24 fw flowid 1:24
 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 25 fw flowid 1:25
 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 26 fw flowid 1:26
to:
 $TC filter add dev $DEV parent 1:0 prio 0 protocol ip handle 19 fw flowid 1:19
 $TC filter add dev $DEV parent 1:0 prio 0 protocol ip handle 20 fw flowid 1:20
 $TC filter add dev $DEV parent 1:0 prio 0 protocol ip handle 21 fw flowid 1:21
 $TC filter add dev $DEV parent 1:0 prio 0 protocol ip handle 22 fw flowid 1:22
 $TC filter add dev $DEV parent 1:0 prio 0 protocol ip handle 23 fw flowid 1:23
 $TC filter add dev $DEV parent 1:0 prio 0 protocol ip handle 24 fw flowid 1:24
 $TC filter add dev $DEV parent 1:0 prio 0 protocol ip handle 25 fw flowid 1:25
 $TC filter add dev $DEV parent 1:0 prio 0 protocol ip handle 26 fw flowid 1:26
Changed lines 289-290 from:
 iptables -t mangle -N MYSHAPER-OUT
 iptables -t mangle -I POSTROUTING -o $DEV -j MYSHAPER-OUT
to:
 $IPTABLES -t mangle -N MYSHAPER-OUT
 $IPTABLES -t mangle -I POSTROUTING -o $DEV -j MYSHAPER-OUT
Changed lines 294-307 from:
 iptables -t mangle -A MYSHAPER-OUT -p tcp --sport 0:1024 -j MARK --set-mark 23 # Default for low port traffic
 iptables -t mangle -A MYSHAPER-OUT -p tcp --dport 0:1024 -j MARK --set-mark 23 # ""
 iptables -t mangle -A MYSHAPER-OUT -p tcp --dport 20 -j MARK --set-mark 26     # ftp-data port, low prio
 iptables -t mangle -A MYSHAPER-OUT -p icmp -j MARK --set-mark 20               # ICMP (ping) - high prio, impress friends
 iptables -t mangle -A MYSHAPER-OUT -p udp -j MARK --set-mark 21                # DNS name resolution (small packets)
 iptables -t mangle -A MYSHAPER-OUT -p tcp --dport ssh -j MARK --set-mark 21    # secure shell
 iptables -t mangle -A MYSHAPER-OUT -p tcp --sport ssh -j MARK --set-mark 21    # secure shell
 iptables -t mangle -A MYSHAPER-OUT -p tcp --dport telnet -j MARK --set-mark 21 # telnet (ew...)
 iptables -t mangle -A MYSHAPER-OUT -p tcp --sport telnet -j MARK --set-mark 21 # telnet (ew...)
 iptables -t mangle -A MYSHAPER-OUT -p tcp --sport http -j MARK --set-mark 22   # Local web server
 iptables -t mangle -A MYSHAPER-OUT -p tcp --sport 10000 -j MARK --set-mark 22  # https
 iptables -t mangle -A MYSHAPER-OUT -p tcp -m length --length :64 -j MARK --set-mark 19 # small packets (probably just ACKs?)
 iptables -t mangle -A MYSHAPER-OUT -p all --dst 192.168.1.1/24 -j MARK --set-mark 19 # hyper-speed for local traffic
 iptables -t mangle -A MYSHAPER-OUT -m mark --mark 0 -j MARK --set-mark 26      # redundant- mark any unmarked packets as 26 (low prio)
to:
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp --sport 0:1024 -j MARK --set-mark 23 # Default for low port traffic
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp --dport 0:1024 -j MARK --set-mark 23 # ""
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp --dport 20 -j MARK --set-mark 26     # ftp-data port, low prio
 $IPTABLES -t mangle -A MYSHAPER-OUT -p icmp -j MARK --set-mark 20               # ICMP (ping) - high prio, impress friends
 $IPTABLES -t mangle -A MYSHAPER-OUT -p udp -j MARK --set-mark 21                # DNS name resolution (small packets)
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp --dport ssh -j MARK --set-mark 21    # secure shell
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp --sport ssh -j MARK --set-mark 21    # secure shell
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp --dport telnet -j MARK --set-mark 21 # telnet (ew...)
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp --sport telnet -j MARK --set-mark 21 # telnet (ew...)
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp --sport http -j MARK --set-mark 22   # Local web server
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp --sport 10000 -j MARK --set-mark 22  # https
 $IPTABLES -t mangle -A MYSHAPER-OUT -p tcp -m length --length :64 -j MARK --set-mark 19 # small packets (probably just ACKs?)
 $IPTABLES -t mangle -A MYSHAPER-OUT -p all --dst 192.168.1.1/24 -j MARK --set-mark 19 # hyper-speed for local traffic
 $IPTABLES -t mangle -A MYSHAPER-OUT -m mark --mark 0 -j MARK --set-mark 26      # redundant- mark any unmarked packets as 26 (low prio)
January 10, 2005, at 03:42 PM by Siddy --
Changed lines 150-154 from:

Step 5: Installing 'tc'

to:

Step 5: Installing 'iptables'

To install the iptables userspace-tool, simply do an "ipkg update; ipkg install iptables".

Step 6: Installing 'tc'

Changed line 158 from:

Step 5.1: The easy way

to:

Step 6.1: The easy way

Changed line 162 from:

Step 5.2: The hard way

to:

Step 6.2: The hard way

Changed line 166 from:

Step 6: Install shaper-script

to:

Step 7: Install shaper-script

Changed line 319 from:

Step 7: Create init.d-script

to:

Step 8: Create init.d-script

January 10, 2005, at 03:34 PM by Siddy --
Changed line 9 from:

Get the flash-image with activated fair-queuing from ???

to:

Get the flash-image with activated fair-queuing from ???. Don't forget to gunzip it. MD5? of the gunzipped image must be f6dd6036d0037e629b20519a0d17f5dc.

Added lines 330-331:

Oh... not to forget: I am not responsible if you break your slug by following this howto! This howto is just a documentation of what _I_ did to have traffic-shaping for my slug (with some shortcuts for you lazy guys), if it doesn't work for you ( and I do not know why it shouldn't), it's not my fault!

January 10, 2005, at 03:28 PM by Siddy --
Deleted lines 0-2:

This is "Work in progress", not finished yet, will be converted to full HowTo very soon!

This page exists just for my (ie Siddy's) personal reference up to now!

Changed line 73 from:

Flash the image-file "unslung-able-nslu2-XXXXXXXXXXXX.flashdisk.img" to your slug, following the README of the normal unslung-distribution until you finished to it's very end, having completed all those reboots, unslings etc pp.

to:

Flash the (compiled or downloaded) image-file "unslung-able-nslu2-XXXXXXXXXXXX.flashdisk.img" to your slug, following the README of the normal unslung-distribution until you finished to it's very end, having completed all those reboots, unslings etc pp.

Changed line 127 from:

To simplify the process of loading the required modules, let's create a simple bash-script to do the work for us. So, create the file "/opt/sbin/load_shaper_modules", chmod 755 it and paste the following content (removing the leading space, as usual...)

to:

To simplify the process of loading the required modules, let's create a simple bash-script to do the work for us. So, create the file "/opt/sbin/load_shaper_modules", chmod 755 it and paste the following content (removing the leading spaces, as usual...)

Changed line 152 from:

In this step, we'll install the program named 'tc' (for "traffic control"). It is part of the standard iproute2-package, but unfortunately I failed to cross-compile iproute2 till now, so there is no iproute2-ipk for the slug. So, here we go:

to:

In this step, we'll install the program named 'tc' (for "traffic control"). It is part of the standard iproute2-package, but unfortunately I failed to cross-compile iproute2 up to now, so there is no iproute2-ipk for the slug. So, here we go:

Changed line 164 from:

We're getting close to our goal now... it's time to configure the traffic-shaper! If you are a real sadist, you can do it by hand with the help of tc and iptables and some hours of man-page-reading. Or... just copy and paste someone else's work (like I did). There are lots of scripts setting up a traffic-shaper out there (like wondershaper and others), so either you take the script of your choice or take mine and copy it to /opt/sbin/shaper :

to:

We're getting close to our goal now... it's time to configure the traffic-shaper! If you are a real sadist, you can do it manually with the help of tc and iptables and some hours of man-page-reading. Or... just copy and paste someone else's work (like I did). There are lots of scripts setting up a traffic-shaper out there (like wondershaper and others), so either you take the script of your choice or take the one of my choice and copy it to /opt/sbin/shaper :

January 10, 2005, at 03:23 PM by Siddy --
Changed line 313 from:

As usual, remove the leading spaces and take care of unwanted line-breaks... or simply get the script from ???

to:

As usual, remove the leading spaces and take care of unwanted line-breaks... or simply get the script from ??? . You probably want to edit some variables in the script, especially "RATEUP" for the overall maximum upload-limit, and "MINCLASSRATE" for the minimal per-class rate. You might also want to change the iptables-mangle-rules to match your setup.

Added line 318:

Step 7: Create init.d-script

Changed lines 320-325 from:
  • create init.d-script to
    • load needed (??) kernel-modules
    • setup packet-mangling
    • setup queueing
  • start init.d-script
  • party!
to:

You probably want to start the traffic-shaper each time you boot your slug. For this purpose, simply create a script named "/opt/etc/init.d/S05shaper" (chmodded to 755) and paste something like

table border=0 width=100% bgcolor=#eeffee? cell?

 #!/bin/sh
 /opt/sbin/load_shaper_modules
 /opt/sbin/shaper start

tableend? into it.

Well, that's all! Your traffic-shaper should now be up and running! Easy going, wasn't it?!

If you do have any problems or suggestions, found an error or wanna flame me, just email/irc/whatever me.

Siddy (sidddy _at_ gmail.com)

January 10, 2005, at 03:14 PM by Siddy --
Added lines 167-315:

We're getting close to our goal now... it's time to configure the traffic-shaper! If you are a real sadist, you can do it by hand with the help of tc and iptables and some hours of man-page-reading. Or... just copy and paste someone else's work (like I did). There are lots of scripts setting up a traffic-shaper out there (like wondershaper and others), so either you take the script of your choice or take mine and copy it to /opt/sbin/shaper :

table border=0 width=100% bgcolor=#eeffee? cell?

 #!/bin/sh
 #
 # myshaper - DSL/Cable modem outbound traffic shaper and prioritizer.
 #            Based on the ADSL/Cable wondershaper (www.lartc.org)
 #
 # Written by Dan Singletary (8/7/02)
 # Modified by sidddy@gmail.com
 #
 # NOTE!! - This script assumes your kernel has been patched with the
 #          appropriate HTB queue and IMQ patches available here:
 #          (subnote: future kernels may not require patching)
 #
 #       http://luxik.cdi.cz/~devik/qos/htb/
 #       http://luxik.cdi.cz/~patrick/imq/
 #
 # Configuration options for myshaper:
 #  DEV    - set to ethX that connects to DSL/Cable Modem
 #  RATEUP - set this to slightly lower than your
 #           outbound bandwidth on the DSL/Cable Modem.
 #           I have a 1500/128 DSL line and setting
 #           RATEUP=90 works well for my 128kbps upstream.
 #           However, your mileage may vary.
 #

 DEV=ixp0
 RATEUP=110
 MINCLASSRATE=15 # should be RATEUP/7

 #
 # End Configuration Options
 #

 if [ "$1" = "status" ]
 then
         echo "[qdisc]"
         tc -s qdisc show dev $DEV
         echo "[class]"
         tc -s class show dev $DEV
         echo "[filter]"
         tc -s filter show dev $DEV
         echo "[iptables]"
         iptables -t mangle -L MYSHAPER-OUT -v -x 2> /dev/null
         exit
 fi

 # Reset everything to a known state (cleared)
 tc qdisc del dev $DEV root    2> /dev/null > /dev/null
 iptables -t mangle -D POSTROUTING -o $DEV -j MYSHAPER-OUT 2> /dev/null > /dev/null
 iptables -t mangle -F MYSHAPER-OUT 2> /dev/null > /dev/null
 iptables -t mangle -X MYSHAPER-OUT 2> /dev/null > /dev/null

 if [ "$1" = "stop" ]
 then
         echo "Shaping removed on $DEV."
         exit
 fi


 echo "Starting outbound shaping..."

 ###########################################################
 #
 # Outbound Shaping (limits total bandwidth to RATEUP)

 # add HTB root qdisc
 tc qdisc add dev $DEV root handle 1: htb default 26

 # add main rate limit classes
 tc class add dev $DEV parent 1: classid 1:1 htb rate 100mbit

 # add leaf classes - We grant each class at LEAST it's "fair share" of bandwidth.
 #                    this way no class will ever be starved by another class.  Each
 #                    class is also permitted to consume all of the available bandwidth
 #                    if no other classes are in use.

 ## class for unshaped traffic, full rate!!
 tc class add dev $DEV parent 1:1 classid 1:19 htb rate 100mbit prio 0

 ## create fair-share-classes, descending priority
 tc class add dev $DEV parent 1:1 classid 1:20 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 0
 tc class add dev $DEV parent 1:1 classid 1:21 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 1
 tc class add dev $DEV parent 1:1 classid 1:22 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 2
 tc class add dev $DEV parent 1:1 classid 1:23 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 3
 tc class add dev $DEV parent 1:1 classid 1:24 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 4
 tc class add dev $DEV parent 1:1 classid 1:25 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 5
 tc class add dev $DEV parent 1:1 classid 1:26 htb rate ${MINCLASSRATE}kbit ceil ${RATEUP}kbit prio 6

 # attach qdisc to leaf classes - here we at SFQ to each priority class.  SFQ insures that
 #                                within each class connections will be treated (almost) fairly.
 tc qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 10
 tc qdisc add dev $DEV parent 1:21 handle 21: sfq perturb 10
 tc qdisc add dev $DEV parent 1:22 handle 22: sfq perturb 10
 tc qdisc add dev $DEV parent 1:23 handle 23: sfq perturb 10
 tc qdisc add dev $DEV parent 1:24 handle 24: sfq perturb 10
 tc qdisc add dev $DEV parent 1:25 handle 25: sfq perturb 10
 tc qdisc add dev $DEV parent 1:26 handle 26: sfq perturb 10

 # filter traffic into classes by fwmark - here we direct traffic into priority class according to
 #                                         the fwmark set on the packet (we set fwmark with iptables
 #                                         later).  Note that above we've set the default priority
 #                                         class to 1:26 so unmarked packets (or packets marked with
 #                                         unfamiliar IDs?) will be defaulted to the lowest priority
 #                                         class.
 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 19 fw flowid 1:19
 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 20 fw flowid 1:20
 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 21 fw flowid 1:21
 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 22 fw flowid 1:22
 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 23 fw flowid 1:23
 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 24 fw flowid 1:24
 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 25 fw flowid 1:25
 tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 26 fw flowid 1:26

 # add MYSHAPER-OUT chain to the mangle table in iptables - this sets up the table we'll use
 #                                                      to filter and mark packets.
 iptables -t mangle -N MYSHAPER-OUT
 iptables -t mangle -I POSTROUTING -o $DEV -j MYSHAPER-OUT

 # add fwmark entries to classify different types of traffic - Set fwmark from 20-26 according to
 #                                                             desired class. 20 is highest prio.
 iptables -t mangle -A MYSHAPER-OUT -p tcp --sport 0:1024 -j MARK --set-mark 23 # Default for low port traffic
 iptables -t mangle -A MYSHAPER-OUT -p tcp --dport 0:1024 -j MARK --set-mark 23 # ""
 iptables -t mangle -A MYSHAPER-OUT -p tcp --dport 20 -j MARK --set-mark 26     # ftp-data port, low prio
 iptables -t mangle -A MYSHAPER-OUT -p icmp -j MARK --set-mark 20               # ICMP (ping) - high prio, impress friends
 iptables -t mangle -A MYSHAPER-OUT -p udp -j MARK --set-mark 21                # DNS name resolution (small packets)
 iptables -t mangle -A MYSHAPER-OUT -p tcp --dport ssh -j MARK --set-mark 21    # secure shell
 iptables -t mangle -A MYSHAPER-OUT -p tcp --sport ssh -j MARK --set-mark 21    # secure shell
 iptables -t mangle -A MYSHAPER-OUT -p tcp --dport telnet -j MARK --set-mark 21 # telnet (ew...)
 iptables -t mangle -A MYSHAPER-OUT -p tcp --sport telnet -j MARK --set-mark 21 # telnet (ew...)
 iptables -t mangle -A MYSHAPER-OUT -p tcp --sport http -j MARK --set-mark 22   # Local web server
 iptables -t mangle -A MYSHAPER-OUT -p tcp --sport 10000 -j MARK --set-mark 22  # https
 iptables -t mangle -A MYSHAPER-OUT -p tcp -m length --length :64 -j MARK --set-mark 19 # small packets (probably just ACKs?)
 iptables -t mangle -A MYSHAPER-OUT -p all --dst 192.168.1.1/24 -j MARK --set-mark 19 # hyper-speed for local traffic
 iptables -t mangle -A MYSHAPER-OUT -m mark --mark 0 -j MARK --set-mark 26      # redundant- mark any unmarked packets as 26 (low prio)

 # Done with outbound shaping
 #
 ####################################################

 echo "Outbound shaping added to $DEV.  Rate: ${RATEUP}Kbit/sec."

tableend?

As usual, remove the leading spaces and take care of unwanted line-breaks... or simply get the script from ???

Now, execute "/opt/sbin/shaper start" and be happy if you do not see any error-messages! :-D

January 10, 2005, at 03:02 PM by Siddy --
Changed line 128 from:

Step 4: Load the modules

to:

Step 4: Loading the modules

Added lines 151-168:

Execute /opt/sbin/load_shaper_modules and hopefully don't get any error-messages.

Step 5: Installing 'tc'

In this step, we'll install the program named 'tc' (for "traffic control"). It is part of the standard iproute2-package, but unfortunately I failed to cross-compile iproute2 till now, so there is no iproute2-ipk for the slug. So, here we go:

Step 5.1: The easy way

Get 'tc' from ??? and untar it to /opt/sbin

Step 5.2: The hard way

Get the source of iproute2 from http://developer.osdl.org/dev/iproute2/ and compile tc. It can be compiled using a native compiler (see corresponding howto) or cross-compilation (again...). Cross-compilation will probably fail somewhere at arpd, but that's after tc, so who cares... ;-) So, somehow you will be able to get an arm-executable of tc and copy it to /opt/sbin.

Step 6: Install shaper-script

Deleted line 169:
  • build tc from iproute2 (developers.osdn.org...)
January 10, 2005, at 02:54 PM by Siddy --
Changed line 10 from:

The easy way

to:

1.1 The easy way

Changed line 14 from:

The hard way

to:

1.2 The hard way

Changed lines 128-151 from:
  • install kernel-modules for iptables + fair queueing
to:

Step 4: Load the modules

To simplify the process of loading the required modules, let's create a simple bash-script to do the work for us. So, create the file "/opt/sbin/load_shaper_modules", chmod 755 it and paste the following content (removing the leading space, as usual...)

table border=0 width=100% bgcolor=#eeffee? cell?

 #!/bin/sh

 MODDIR="/opt/lib/modules"
 INSMOD="/sbin/insmod"

 $INSMOD $MODDIR/ip_tables.o
 $INSMOD $MODDIR/iptable_filter.o
 $INSMOD $MODDIR/iptable_mangle.o
 $INSMOD $MODDIR/ipt_REJECT.o
 $INSMOD $MODDIR/ipt_MARK.o
 $INSMOD $MODDIR/ipt_length.o
 $INSMOD $MODDIR/ipt_mark.o
 $INSMOD $MODDIR/sch_htb.o
 $INSMOD $MODDIR/sch_sfq.o
 $INSMOD $MODDIR/cls_fw.o

tableend?

January 10, 2005, at 02:42 PM by Siddy --
Added line 80:

The next step will be to copy the compiled kernel-modules to your slug. For this purpose, you have to create a directory named "/opt/lib/modules". If you followed step 1.1, get the modules from ??? and untar them in "/opt/lib/modules". If you followed step 1.2, copy the modules out of your build-tree. They can be found in the subdirectories of /your/base/dir/build/tmp/work/unslung-able-kernel-2.3r25-r7/install and you need the modules

Added lines 82-124:
 cls_fw.o
 cls_route.o
 cls_tcindex.o
 cls_u32.o
 ip_tables.o
 ipt_DSCP.o
 ipt_ECN.o
 ipt_LOG.o
 ipt_MARK.o
 ipt_MIRROR.o
 ipt_REJECT.o
 ipt_TCPMSS.o
 ipt_TOS.o
 ipt_ULOG.o
 ipt_ah.o
 ipt_dscp.o
 ipt_ecn.o
 ipt_esp.o
 ipt_length.o
 ipt_limit.o
 ipt_mac.o
 ipt_mark.o
 ipt_multiport.o
 ipt_owner.o
 ipt_pkttype.o
 ipt_recent.o
 ipt_tcpmss.o
 ipt_tos.o
 ipt_ttl.o
 ipt_unclean.o
 iptable_filter.o
 iptable_mangle.o
 sch_cbq.o
 sch_csz.o
 sch_dsmark.o
 sch_gred.o
 sch_htb.o
 sch_ingress.o
 sch_prio.o
 sch_red.o
 sch_sfq.o
 sch_tbf.o
 sch_teql.o
Added lines 126-127:

(okay, we don't need all of them, but the more the better, right? ;) )

January 10, 2005, at 01:43 PM by Siddy --
Changed line 4 from:

Step by step guide:

to:

This howto describes, how to enable traffic-shaping for the NSLU2, so you can limit the rate of outgoing (and even incoming) network traffic. The howto is devided into several steps, for some of them you can either choose the "hard way" (i.e. doing all on your own), or the "easy way" (i.e. trusting my compilation-capabilities). So lets start...

Changed lines 6-16 from:
  • get bitbake + openembedded trees
to:

Step 1: The Kernel

Unfortunately the kernel of the recent Unslung-3.x-releases do not support fair queueing, an essential part of linux' traffic-shaper. So, we'll have to activate some modules in Unlung's kernel and compile it.

The easy way

Get the flash-image with activated fair-queuing from ???

The hard way

  • get bitbake + openembedded trees (see corresponding howto)
Changed lines 71-73 from:
  • bb unslung-image
  • flash unslung-able-nslu2-*-flashdisk.img
  • reboot nslu2
to:
  • build the unslung-images ("bb unslung-image", again: read howto!)

Step 2: Flashing

Flash the image-file "unslung-able-nslu2-XXXXXXXXXXXX.flashdisk.img" to your slug, following the README of the normal unslung-distribution until you finished to it's very end, having completed all those reboots, unslings etc pp.

Step 3: Installing the modules

January 07, 2005, at 10:17 AM by Siddy --
Changed lines 65-66 from:
  • build tc from iproute2 (developers.osdn.org...)* create init.d-script to
to:
  • build tc from iproute2 (developers.osdn.org...)
  • create init.d-script to
January 06, 2005, at 03:41 PM by Siddy --
Changed line 2 from:

This page exits just for my (ie Siddy's) personal reference up to now!

to:

This page exists just for my (ie Siddy's) personal reference up to now!

January 06, 2005, at 02:00 PM by Siddy --
Changed lines 6-7 from:
  1. get bitbake + openembedded trees
  2. modify openembedded/packages/linux/unslung-kernel-2.3r25/able/defconfig :\\
to:
  • get bitbake + openembedded trees
  • modify openembedded/packages/linux/unslung-kernel-2.3r25/able/defconfig :\\
Changed lines 60-70 from:

(fully enables iptables (needed to mark packages which need queueing) and fair queueing)

to:

(fully enables iptables (needed to mark packages which need queueing) and fair queueing)

  • bb unslung-image
  • flash unslung-able-nslu2-*-flashdisk.img
  • reboot nslu2
  • install kernel-modules for iptables + fair queueing
  • build tc from iproute2 (developers.osdn.org...)* create init.d-script to
    • load needed (??) kernel-modules
    • setup packet-mangling
    • setup queueing
  • start init.d-script
  • party!
January 06, 2005, at 01:52 PM by Siddy --
Added lines 4-60:

Step by step guide:

  1. get bitbake + openembedded trees
  2. modify openembedded/packages/linux/unslung-kernel-2.3r25/able/defconfig :
    append

table border=0 width=100% bgcolor=#eeffee? cell?

 CONFIG_IP_NF_IPTABLES=m
 CONFIG_IP_NF_MATCH_LIMIT=m
 CONFIG_IP_NF_MATCH_MAC=m
 CONFIG_IP_NF_MATCH_PKTTYPE=m
 CONFIG_IP_NF_MATCH_MARK=m
 CONFIG_IP_NF_MATCH_MULTIPORT=m
 CONFIG_IP_NF_MATCH_TOS=m
 CONFIG_IP_NF_MATCH_RECENT=m
 CONFIG_IP_NF_MATCH_ECN=m
 CONFIG_IP_NF_MATCH_DSCP=m
 CONFIG_IP_NF_MATCH_AH_ESP=m
 CONFIG_IP_NF_MATCH_LENGTH=m
 CONFIG_IP_NF_MATCH_TTL=m
 CONFIG_IP_NF_MATCH_TCPMSS=m
 CONFIG_IP_NF_MATCH_UNCLEAN=m
 CONFIG_IP_NF_MATCH_OWNER=m
 CONFIG_IP_NF_FILTER=m
 CONFIG_IP_NF_TARGET_REJECT=m
 CONFIG_IP_NF_TARGET_MIRROR=m
 CONFIG_IP_NF_MANGLE=m
 CONFIG_IP_NF_TARGET_TOS=m
 CONFIG_IP_NF_TARGET_ECN=m
 CONFIG_IP_NF_TARGET_DSCP=m
 CONFIG_IP_NF_TARGET_MARK=m
 CONFIG_IP_NF_TARGET_LOG=m
 CONFIG_IP_NF_TARGET_ULOG=m
 CONFIG_IP_NF_TARGET_TCPMSS=m

 CONFIG_NET_SCHED=y
 CONFIG_NET_SCH_CBQ=m
 CONFIG_NET_SCH_HTB=m
 CONFIG_NET_SCH_CSZ=m
 CONFIG_NET_SCH_PRIO=m
 CONFIG_NET_SCH_RED=m
 CONFIG_NET_SCH_SFQ=m

 CONFIG_NET_SCH_TEQL=m
 CONFIG_NET_SCH_TBF=m
 CONFIG_NET_SCH_GRED=m
 CONFIG_NET_SCH_DSMARK=m
 CONFIG_NET_SCH_INGRESS=m
 # CONFIG_NET_QOS is not set
 CONFIG_NET_CLS=y
 CONFIG_NET_CLS_TCINDEX=m
 CONFIG_NET_CLS_ROUTE4=m
 CONFIG_NET_CLS_ROUTE=y
 CONFIG_NET_CLS_FW=m
 CONFIG_NET_CLS_U32=m

tableend? (fully enables iptables (needed to mark packages which need queueing) and fair queueing)

January 06, 2005, at 01:42 PM by Siddy --
Changed lines 1-3 from:

Describe EnableTrafficShaping here.

to:

This is "Work in progress", not finished yet, will be converted to full HowTo very soon!

This page exits just for my (ie Siddy's) personal reference up to now!

view · edit · print · history · Last edited by tman.
Based on work by DrS, tman, bobtm, and Siddy.
Originally by Siddy.
Page last modified on July 22, 2005, at 02:01 PM