Advanced traffic shaping with iptables?

Linus Lüssing chinese_chater at yahoo.de
Sun Sep 30 21:50:00 UTC 2007


Thanks a lot for spending some time to edit this script. It seems to 
work now, but at first I was bit confused. The script told me "Outbound 
shaping added to ppp0.  Rate for Tor upload at least: 12Kbyte/sec.", but 
with this option, the hole internet traffic broke down. The script it 
self measures in kbit, not kbyte, right? So I changed the minimum tor 
traffic from 12 to 96 and the maximum from 48 to 384. Can you tell me a 
programm with which I could monitor the bandwidth usage of tor only, so 
I could be sure, that it isn't a Placebo effect.
PS: My first test with sending a file over VPN to a friend, he could 
download the file with ~10kbyte/s without the script and with the script 
he downloaded with 24kbyte/s (only have of my Internet connection). But 
iptraf on the mini-router and tor-server told me, that I was sending 
~32kbyte/s over the local connection. So I'm not sure, if it works or 
not. Maybe, the missing bandwidth is protocol-related. Maybe you can 
tell me a way to get some proof, if it works.

And finally the output of the status option:
(Does it matter, that it tells me 'Cannot find device "imq0"'?)
> linux:~ # /etc/init.d/tor-traffic-shaper.sh status
> [qdisc]
> qdisc pfifo 21: limit 4p
>  Sent 44097690 bytes 52891 pkts (dropped 16134, overlimits 0)
> qdisc pfifo 20: limit 4p
>  Sent 8461095 bytes 13581 pkts (dropped 541, overlimits 0)
> qdisc htb 1: r2q 10 default 20 direct_packets_stat 15
>  Sent 52576092 bytes 66492 pkts (dropped 16675, overlimits 84398)
> Cannot find device "imq0"
> [class]
> class htb 1:1 root rate 384Kbit ceil 384Kbit burst 2090b cburst 2090b
>  Sent 52563365 bytes 66477 pkts (dropped 0, overlimits 0)
>  rate 47696bps 60pps
>  lended: 35298 borrowed: 0 giants: 0
>  tokens: -27932 ctokens: -27932
>
> class htb 1:20 parent 1:1 leaf 20: prio 0 rate 288Kbit ceil 384Kbit 
> burst 1967b cburst 2090b
>  Sent 8465675 bytes 13586 pkts (dropped 541, overlimits 0)
>  rate 1294bps 5pps
>  lended: 13544 borrowed: 42 giants: 0
>  tokens: 47334 ctokens: 38062
>
> class htb 1:21 parent 1:1 leaf 21: prio 7 rate 96Kbit ceil 384Kbit 
> burst 1721b cburst 2090b
>  Sent 44097690 bytes 52891 pkts (dropped 16134, overlimits 0)
>  rate 46120bps 58pps
>  lended: 17635 borrowed: 35256 giants: 0
>  tokens: -133549 ctokens: -27932
>
> Cannot find device "imq0"
> [filter]
> filter parent 1: protocol ip pref 49151 fw
> filter parent 1: protocol ip pref 49151 fw handle 0x15 classid 1:21
> filter parent 1: protocol ip pref 49152 fw
> filter parent 1: protocol ip pref 49152 fw handle 0x14 classid 1:20
> Cannot find device "imq0"
> [iptables]
> Chain TORSHAPER-OUT (1 references)
>     pkts      bytes target     prot opt in     out     
> source               destination
>    69036 57524526 MARK       all  --  any    any     
> anywhere             anywhere            OWNER UID match tor MARK set 0x15
>    13469  8903579 MARK       all  --  any    any     
> anywhere             anywhere            MARK match 0x0 MARK set 0x14
Greetings, Linus



More information about the tor-talk mailing list