Throttle traffic for a single local IP on a Linux router?

Hi,

I know this might not be 100% on-topic and might be better suited
for a Linux-distro mailinglist, but I hope to get more diverse
methods from you networking experts.

Basically, I have a small residential connection, 5 Mbit down, 0.5
Mbit up. A user on my local network, who we will call
192.168.1.105, is using too much bandwidth. I have tried social
engineering to get him to stop, he claims to, but iftop says
otherwise.

My network is setup like this: Cable modem goes to eth0 on router
running Ubuntu server, eth1 on the Ubuntu box goes to a wrt54gl
(behaving purely as a bridge), and all clients are connected
wirelessly. The Ubuntu box handles everything.

So I have tried this script, and it does not work -- download speed
gets limited just fine, but upload remains unlimited for some
reason:

TC=/sbin/tc
OUTIF=eth0 # Interface for WAN (internet)
INIF=eth1 # Interface for LAN (internal network)
DNLD=0.5mbit # DOWNLOAD Limit
UPLD=0.1mbit # UPLOAD Limit
IP=192.168.1.105
U32="$TC filter add dev $IF protocol ip parent 1:0 prio 1 u32"
$TC qdisc del dev $INIF root
$TC qdisc del dev $OUTIF root
$TC qdisc add dev $INIF root handle 1: htb default 30
$TC qdisc add dev $OUTIF root handle 1: htb default 30
$TC class add dev $INIF parent 1: classid 1:1 htb rate $DNLD ceil
$DNLD
$TC class add dev $OUTIF parent 1: classid 1:1 htb rate $UPLD ceil
$UPLD
$TC filter add dev $INIF parent 1:0 ip pref 1 u32 match ip src
$IP/32 0xFFFFFFFF flowid 1:1
$TC filter add dev $OUTIF parent 1:0 ip pref 1 u32 match ip dst
$IP/32 0xFFFFFFFF flowid 1:1

Anyone see any problems in my setup, this script, or have any idea
how I can limit the speeds of Mr. 192.168.1.105 without social
engineering?

Thank you for your time.

yes, I think you have the same IDs in the last 4 lines.

classid's should be 1:1 and 1:2
flowid's shoild be 1:1 and 1:2

yours are 1:1 in both cases of each

try :-

$TC class add dev $INIF parent 1: classid 1:1 htb rate $DNLD ceil
$DNLD
$TC class add dev $OUTIF parent 1: classid 1:2 htb rate $UPLD ceil
$UPLD
# ^^^
$TC filter add dev $INIF parent 1:0 ip pref 1 u32 match ip src $IP/32
0xFFFFFFFF flowid 1:1
$TC filter add dev $OUTIF parent 1:0 ip pref 1 u32 match ip dst
$IP/32 0xFFFFFFFF flowid 1:2
# ^^^
(line breaks may be affected by email formatting etc )

Gord

Try a Linksys RV016, it has some decent traffic shaping tools for larger
home and small business networks.

Jeff

$TC class add dev $INIF parent 1: classid ...

yes, I think you have the same IDs in the last 4 lines.

classid's should be 1:1 and 1:2
flowid's shoild be 1:1 and 1:2

yours are 1:1 in both cases of each

try :-

$TC class add dev $INIF parent 1: classid 1:1 htb rate $DNLD ceil
$DNLD
$TC class add dev $OUTIF parent 1: classid 1:2 htb rate $UPLD ceil

$UPLD
# ^^^
$TC filter add dev $INIF parent 1:0 ip pref 1 ...
$IP/32 0xFFFFFFFF flowid 1:2
# ^^^
(line breaks may be affected by email formatting etc )

Gord

Yes indeed it does.

Ironically that device runs a linux-y kernel so is probably also using
iptools/tc to achieve the shaping/policing a GUI wrapped around it.

The GPL parts of it are at
ftp://ftp-eng.cisco.com/pub/opensource/linksys/RVxxxToolchain/

I was also planning to have a look at the hardware in it but that device
is now out of my control

Gord

take a read on this link

http://www.faqs.org/docs/Linux-HOWTO/Bandwidth-Limiting-HOWTO.html

-beavis

take a read on this link

Bandwidth Limiting HOWTO

-beavis

Another: