www.zeroshell.org Forum Index www.zeroshell.org
Linux Distribution for server and embedded devices
 
 SearchSearch  RegisterRegister  UsergroupsUsergroups 
 ProfileProfile  Log inLog in  Log in to check your private messagesPrivate Message 

QoS

 
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> Networking
View previous topic :: View next topic  
Author Message
kami



Joined: 31 Mar 2007
Posts: 9
Location: ISB Pk

PostPosted: Sat Mar 31, 2007 7:50 am    Post subject: QoS Reply with quote

hi guys!

First of all thanks for this wonderful stuff. My question is that is it possible to restrict the individual user (up & down) bandwidth on his mac address. Is there any policy that i should be able to associate mac addresses with IP addresses. Proxy having web filter, anti virus and update cache (windows patches, adobe, java, anti virus and etc ) features will make it really a good open source product.

Thanks
Back to top
View user's profile Send private message Yahoo Messenger
fulvio
Site Admin


Joined: 01 Nov 2006
Posts: 1030

PostPosted: Sat Mar 31, 2007 11:53 am    Post subject: Reply with quote

Using the QoS Classifier you just have to specify the source MAC address and the target Qos class on which you have configured the bandwidth that you want to assign to the client.
To associate an IP address to a MAC address you can use DHCP static entries in the [DHCP] section.
Back to top
View user's profile Send private message Send e-mail
kami



Joined: 31 Mar 2007
Posts: 9
Location: ISB Pk

PostPosted: Sat Mar 31, 2007 12:36 pm    Post subject: Reply with quote

Thanks u for your quick respond. Is there any firewall policy that if some changes it IP address zeroshell stops responding them?
Back to top
View user's profile Send private message Yahoo Messenger
fulvio
Site Admin


Joined: 01 Nov 2006
Posts: 1030

PostPosted: Sat Mar 31, 2007 12:56 pm    Post subject: Reply with quote

You could set the default policy for the FORWARD chain to DROP and then you just have to add for any client a firewall rule in which you specify the source IP and the source MAC and the target ACCEPT. Don't forget to ACCEPT the incoming traffic from the WAN and other LANs.
Back to top
View user's profile Send private message Send e-mail
kami



Joined: 31 Mar 2007
Posts: 9
Location: ISB Pk

PostPosted: Sat Mar 31, 2007 6:41 pm    Post subject: Reply with quote

i ve tried as u sugessted but did not succeed. Here is my firewall policy
FORWARD ------>>> DROP (default chain)
then i added the following rule to the FORWARD chain
ACCEPT all opt -- in * out * 192.168.10.9 -> 0.0.0.0/0 MAC
00:10:5A:0D:C9:9A.
after saving no packet is forwarded.

Thnx
Back to top
View user's profile Send private message Yahoo Messenger
fulvio
Site Admin


Joined: 01 Nov 2006
Posts: 1030

PostPosted: Sun Apr 01, 2007 6:39 am    Post subject: Reply with quote

I said to you to not forget to accept the traffic that is incoming from the WAN.
You could solve by including the rule

ACCEPT all opt -- in ETH01 out * 0.0.0.0/0 -> 0.0.0.0/0

where ETH01 is the interface that connects your LAN to Internet.
Back to top
View user's profile Send private message Send e-mail
kami



Joined: 31 Mar 2007
Posts: 9
Location: ISB Pk

PostPosted: Sun Apr 01, 2007 5:43 pm    Post subject: Reply with quote

Thank u for ur kind support. Now i want to control the per MAC (up & down) bandwidth. should i configure the zeroshell as a bridge? Which interface i will use for this so that i should be able to control the bandwidth.

Thanks
Back to top
View user's profile Send private message Yahoo Messenger
fulvio
Site Admin


Joined: 01 Nov 2006
Posts: 1030

PostPosted: Mon Apr 02, 2007 6:14 pm    Post subject: Reply with quote

Follow the procedure described in the document at the URL http://www.zeroshell.net/eng/qos/ to build a QoS bridge or router.
At the point in which you have to classify the traffic, instead to use the layer 7 filters in the Qos classifier, you must specify the source MAC address of your hosts.
Keep in mind that with the source mac you only are able to control the uploading bandwidth. To control the downloading one you can use the destination IP addresses of the host. To understand which interfaces you have to use, read the above document.
Back to top
View user's profile Send private message Send e-mail
kami



Joined: 31 Mar 2007
Posts: 9
Location: ISB Pk

PostPosted: Tue Apr 03, 2007 6:00 pm    Post subject: Reply with quote

Thanks a lot.
Back to top
View user's profile Send private message Yahoo Messenger
Display posts from previous:   
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> Networking All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group