IPTABLE Rules

This is stolen from the LARC wondershaper but modified for ease of use.

(http://lartc.org/wondershaper)

So once you've put ipshape into /etc/init.d and linked it into the appropriate runlevel and tweaked the bits in the file for the amount of bandwidth then run it and add the following rules below (or something matching what you want to do) into iptables.

Okay, so have a look - you add these into the "mangle" table of iptables.  These "mark" the packets so that the shaper can sort them into queues.  Note mangle is DIFFERENT to the nat and filter tables.  It's a separate "table" of filters!

These are the ones I use - you can probably have a guess as to what they're doing.

If you want to check rules are working then do:

To look at how things are matching:

iptables -t mangle -L -v -n 

To look at the qdisc:

tc -s qdisc

--

# set the default to the lowest priority
iptables -t mangle -A POSTROUTING -j MARK --set-mark 0xa
# make internal network (assume eth0) go out high priority
iptables -t mangle -A POSTROUTING -i eth0 -j MARK --set-mark 0x5
# ditto for dns (udp anyway)
iptables -t mangle -A POSTROUTING -p udp -m udp --sport 53 -j MARK --set-mark 0x5
iptables -t mangle -A POSTROUTING -p udp -m udp --dport 53 -j MARK --set-mark 0x5
# make icmp seem fast
iptables -t mangle -A POSTROUTING -p icmp -j MARK --set-mark 0x5
# make ssh go  fast in and out
iptables -t mangle -A POSTROUTING -p tcp -m tcp --dport 22 -j MARK --set-mark 0x5
iptables -t mangle -A POSTROUTING -p tcp -m tcp --sport 22 -j MARK --set-mark 0x5
# make smtp go low priority
iptables -t mangle -A POSTROUTING -p tcp -m tcp --sport 25 -j MARK --set-mark 0xf
iptables -t mangle -A POSTROUTING -p tcp -m tcp --dport 25 -j MARK --set-mark 0xf