Don't PANIC!<br><br>okay, all the scripts and firewalls distro's are just front ends<br>to either iptables (firewalling script) or tc (traffic control!)<br><br>you should read<br><br>http://www.netfilter.org/documentation/index.html#documentation-howto<br><br>and for traffic control<br><br>http://lartc.org/<br><br>there's also a great book called<br><br>http://www.amazon.com/Linux-iptables-Pocket-Reference-Gregor/dp/0596005695<br><br>http://www.amazon.com/Linux-iptables-Pocket-Reference-Gregor/dp/0596005695<br><br><br>lots of reading I'm affraid, but that's what good software is<br>'documentation'<br><br>I'll try and recover my scripts that I had for qos, they were simple.<br><br><br>I had just a couple of rules for transmitting packets.<br><br><br>TCP ACK always get priority.<br>port 22(ssh),(80),433 priority<br>packets smaller than 100 bytes get priority.<br><br>any other ports forget about it.<br><br>this simple rule set seems to work really well.<br><br>you can
make you qos scripts as easy or as complex as you like, it's just verifying that they are doing what you actually ask<br>of them<br><br>for multiple people sharing a adsl/cable modem sometimes it<br>best to share bandwidth 'fairly' between all hosts, so you<br>would implement bandwidth sharing on source IP address rather than say on port number, packet/tos type?<br><br><br><br><br><br><br><br><b><i>Nistur <nistur@googlemail.com></i></b> wrote:<blockquote class="replbq" style="border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; padding-left: 5px;"> Ok, I gave up with ipcop, and decided against smoothwall for now. I <br>installed Ubuntu server 6.06 and got one step further, the speedtouch <br>modem now works perfectly, remembering iptables and the hell it caused <br>before I went about looking for a web based GUI. I got webmin and it <br>seems to do everything we want, several times over by the looks of <br>things. I however am having trouble setting up, and I
believe it's <br>partly my stupdity, but also partly the setup. To begin with I just made <br>a shell script to set the same tables as we had last year (is basically <br>the NAT code block from <br>http://www.gentoo.org/doc/en/home-router-howto.xml with minor <br>alterations to interfaces etc) however it let no traffic through.<br>I attempted to use the "Shoreline firewall" module in webmin and every <br>time I tested it, it blocked all traffic, even me, having to run to the <br>router with a spare keyboard and reset the iptables from the shell <br>script by guesswork.<br>I then tried "Iptables firewall" Which I thought would be more what I <br>was used to and therefore I might understand it a little better. The <br>only difference with that one was it didn't lock up the system when I <br>tried it. Then I tried the "Linux firewall" and was surprised to find <br>that it was more like what I was expecting, basically an iptables <br>frontend with nothing automagically setting
anything else. However, it <br>complained about my original script and tried to convert it. Everything <br>looked fine, but still had the same effect, no internets. Even setting <br>the "Linux Firewall" to the lowest setting, which set ALLOW to all <br>packets on all ports in all directions between all interfaces did nothing.<br><br>Now, I know the last thing should have done SOMETHING if not any of the <br>others. Someone please tell me where I'm going wrong.<br><br>Thanks for your help so far and for any to come.<br>Nistur<br><br>azmodie wrote:<br>> unfortunately i dismantled my ipcop box 2 years ago. was considering <br>> rebuilding with a spare machine i found other day<br>><br>> hope a reinstall will solve your problem. as far as i knew it should <br>> load the module. not done much kernel debugging.<br>><br>> have you tried with older firmware. (long shot)<br>><br>> i know the broadcom driver has issues with newer versions of the
fw.<br>> -- <br>> Umbrella Corporation :-<br>> "They are the fear within all of that there is a company. The <br>> Corporation controlling everything that is Umbrella.<br>> A combination of Microsoft and the US Military. At some level there is <br>> a board of directors who meet once a<br>> month and decide all of our fates."<br>> -- Jeremy Bolt - Producer - Resident Evil : Apocalypse<br>> ------------------------------------------------------------------------<br>><br>> _______________________________________________<br>> dundee GNU/Linux Users Group mailing list<br>> dundee@lists.lug.org.uk http://dundee.lug.org.uk<br>> https://mailman.lug.org.uk/mailman/listinfo/dundee<br>> Chat on IRC, #tlug on dundee.lug.org.uk<br><br><br>_______________________________________________<br>dundee GNU/Linux Users Group mailing list<br>dundee@lists.lug.org.uk
http://dundee.lug.org.uk<br>https://mailman.lug.org.uk/mailman/listinfo/dundee<br>Chat on IRC, #tlug on dundee.lug.org.uk<br></blockquote><br><p> 
<hr size=1>
Yahoo! Answers - Get better answers from someone who knows. <a
href="http://uk.answers.yahoo.com/;_ylc=X3oDMTEydmViNG02BF9TAzIxMTQ3MTcxOTAEc2VjA21haWwEc2xrA3RhZ2xpbmU">Try
it now</a>.