I am new to traffic shaping, but I need a quick, simple shaping setup. I have a free internet service at my place using wifi. All www traffic is routed to a transparent proxy. We have a 10mbps connection, and we usually have around 100-130 clients. The internal interface is eth1, and the external is eth0.
The problem is that people have started abusing our service, downloading many things with multiple-connection download clients, thus choking our bandwidth and causing problems for other users. HTTP data can flow just fine because some is served from our proxy, but HTTPS has problems connecting. Sometimes I saw one IP address open up 40 connections to download 10 files simultaneously. I have tried to put acl maxconn 4 on squid, but maxconn has a problem with Firefox, with a maximum connection reached error every now and then. So, currently, when I see some people start doing that, all I can do is ban that user.
So I think I should statically limit all clients to a maximum of 64kbps per IP regardless of how many connections they make, except that youtube 360p movies should run just fine. I plan to use 2mbps for other than youtube, and 8mbps for youtube.
This is my current script:
tc qdisc add dev eth0 handle 1: root htb default 11
tc class add dev eth0 parent 1: classid 1:1 htb rate 10mbit
tc class add dev eth0 parent 1:1 classid 1:10 htb rate 8mbit
tc class add dev eth0 parent 1:1 classid 1:11 htb rate 64kbit burst 1mb ceil 384kbit
tc qdisc add dev eth0 parent 1:10 sfq perturb 10
tc qdisc add dev eth0 parent 1:11 sfq perturb 10
tc filter add dev eth0 protocol ip parent 1:10 match src 142.176.121.192/27 flowid 1:10
tc filter add dev eth0 protocol ip parent 1:10 match src 173.194.0.0/16 flowid 1:10
I can't seem to stop those multiple-connection clients. Is there something I did wrong? Also, how can I capture youtube? Are those IPs correct?
Thank you
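An added example, not part of the original post: tc shapes traffic leaving an interface, and downloads toward clients leave on the internal interface (eth1 in the post), so a per-client cap needs one HTB class per client IP there, matched on destination address. The function below only prints the tc commands; the 192.168.1.x client range, the function name and the class numbering are assumptions, and the youtube exemption is not covered.

```shell
#!/bin/sh
# Added example: prints (does not run) tc commands that give every client IP
# its own HTB class, so all of one client's connections share a single cap.
# Assumed, not from the post: client range 192.168.1.2-254, class numbering.

# gen_per_ip_shaper DEV PREFIX FIRST LAST CEIL_KBIT POOL_KBIT
gen_per_ip_shaper() {
    dev=$1; prefix=$2; first=$3; last=$4; ceil=$5; pool=$6
    n=$((last - first + 1))
    # Guaranteed rate per client: the pool split evenly, so the sum of the
    # child rates never exceeds the parent's rate. ceil is the hard cap.
    rate=$((pool / n))
    [ "$rate" -ge 1 ] || rate=1

    # tc reads class minor numbers as hexadecimal; fff is the catch-all class.
    echo "tc qdisc add dev $dev root handle 1: htb default fff"
    echo "tc class add dev $dev parent 1: classid 1:1 htb rate ${pool}kbit"
    echo "tc class add dev $dev parent 1:1 classid 1:fff htb rate ${rate}kbit ceil ${ceil}kbit"

    i=$first
    while [ "$i" -le "$last" ]; do
        id=$(printf '1%02x' "$i")   # host .2 -> class 1:102, .254 -> 1:1fe
        echo "tc class add dev $dev parent 1:1 classid 1:$id htb rate ${rate}kbit ceil ${ceil}kbit"
        # sfq keeps the client's own flows fair inside its capped class
        echo "tc qdisc add dev $dev parent 1:$id sfq perturb 10"
        # Filters attach to the root qdisc (1:) and match the client as destination
        echo "tc filter add dev $dev protocol ip parent 1: prio 1 u32 match ip dst $prefix.$i/32 flowid 1:$id"
        i=$((i + 1))
    done
}

# Dry run with the post's figures: 64kbit cap per client, 2mbit shared pool.
gen_per_ip_shaper eth1 192.168.1 2 254 64 2000
```

Review the printed commands before piping them to a root shell; an existing root qdisc on the interface has to be deleted first.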