ClearFoundation

Should this not limit all downloads/uploads to my specified speeds? It seems to have no effect at all.

Hi, are you using the proxy? is it in transparent mode?

Yes, yes. Im guessing it doesnt work with proxy? Is there any plans to fix this? Any current work arounds?

Well if your using the transparent proxy web traffic will appear to originate from your WAN IP not your LAN, so your rules will be ineffective. The bandiwdth 'queueing devices' sit between the WAN and the internet, shaping up and down traffic as it passes through. Are you specficaily trying to throttle web traffic only?

I have create a bandwidth monitor app which will help you see which rules are 'catching' traffic which might help?
www.clearfoundation.com/component/option...view/id,15032/#15032

I just installed your mod and realised how bad ClearOS is. With my DHCP limit rule, there is a class created for EACH ip in the range. This is not how i wanted it and doesnt really make any sense. I want a pool of bandwidth for the whole range.

Yes practically speaking a range of IP's is converted to individual rules...

The technical reason for this is that user IP ranges do not (necessarily) conform to subnet classes. For example you have asked for 192.168.1.200 to 192.168.1.254. The bandwidth IMQ rules require hexadecimal filters to match the relevant traffic, so the nearest you would get is 192.168.1.193/26 = 192.168.1.193 to 192.168.1.254. Which get's close but doesn't exactly match. Therefore to make sure the bandwidth manager can do rules for any IP range that the user requests, it has to create a rule and class for each one.

In the webconfig GUI you can't "pool" bandwidth across all the custom IP's like that. You can if you configure it by service (i.e a port matching any ip) or leave all the remaining traffic in the default 1:2 "everything" else class. If you specify the bandwidth limit with a range of IP's it is for each IP....

If you are familiar with bandwidth and IMQ you can create your own custom classes and filters at /etc/rc.d/rc.firewall.local

Perhaps as a feature request the bandwidth manager should be able to pool bandwdith and create a single filter for each user selected IP subnet?

Just to update - I looked into this a little closer.

It appears that you can already input blocks of IP's using their subnet ranges in CIDR form....w.x.y.z/xx and it will respect your entry. Use the advanced bandwdith rule tab, then put your "IP/Mask" in the first field, but leave the second field after the colon ":" blank.

This means you can have one bandwidth class that covers a range of IP's and they share a pooled rate and ceiling values. Cool

If you need help finding out what CIDR values to use; use an online calculator like
www.subnet-calculator.com/cidr.php

Small plug - i've just updated my app-bandwidth-monitor to show the subnet ranges too...

Great find. Thanks for the info, ill give it a whirl.

Also, great mod. Hopefully we'll see it implemented one day, it provides fantastic information. Can i somehow make it auto update?

EDIT: Another thought ive had is; does the order of rules effect anything? Can i effectively prioritise packets based on the rules? ie. The router will process VOIP packets first over WWW.

Another example, If i have rules ordered:

1. WWW
2. VOIP
3. Some-Class-Which-Limits-Targetted-IP

Will a packet come in and be tested against each rule in order?

IE. WWW Packet comes in which matches my IP range which should be limited (Rule 3). This packet will be put into the WWW (rule 1) class as the rule appears first.

Hi Kripz, at present there is no auto update. In the not too distant future there will be a new ClearOS build system which means user contributed apps will end up in the "extras" repo automatically, which can then be used to auto-update a machine

The order of rules is not really of any significance. What isn't shown is that each rule also has a priority flag, on a scale of 1-7. This is the same as the webconfig "greed" settings. Setting a rule with a high greed, is essentially the same as giving it higher priority over other classes when extra bandwdith is required (up to it's ceiling rate). For a better explanation of the details have a look at
http://luxik.cdi.cz/~devik/qos/htb/manual/userg.htm#prio

So in your example, your WWW and VOIP rules would want to set a higher priority/greed setting. I need to test further what happens when you have multiple rules that match the same traffic...

You can of course create more complex heirachical trees of bandwidth management, but the ClearOS gui assumes that all user created rules are on the same single "tier"

Just to clarify - I tested two identical rules which matched the same traffic. The rule which appears first in the list (i.e. with the lower class number) takes priority.

It appears that once a match is found the subsequent filters are not applicable.

As the webconfig stores the rules in alphabetical order, and creates them according to their nickname there may actually be some arguments for naming your rules with incrementally increasing values so that they are applied in the order you want? (this only applies if you have overlapping rules)