How to make a simple traffic control for specific port using "tc" command

Question

I'm new at linux and my goal is to create a simple traffic control for "eth0" or "lo" using the tc command (or other commands like ifconfig or iptables, but i don't think i need them).

My kernel is 2.6.18-238.el5 GNU/Linux, and i'm using redhat.

my script is:

tc qdisc del dev $DEV root
tc qdisc add dev $DEV root handle 1: htb default 10
tc class add dev $DEV parent 1: classid 1:10 htb rate $DNLD
tc filter add dev $DEV parent 1: protocol ip u32 match ip dport $input_port 0xffff flowid 1:10

while $DNLD is the bandwidth limit, $DEV is eth0 or lo, and $input_port is the port i want to limit.

I have read a lot of pages on the internet and understood that this is how it should be written, but this lines don't limit the specific port, but all of the ports.

I tried to use also "sport" but it doesn't work also. so i don't understand what the problem is.

Another strange thing is that the bandwidth limiting seems to be working, and the reset line seems to be working aswell, (which is the first line: tc qdisc del dev $DEV root )

but still, the output line after i'm writing it is: "RTNETLINK answers: No such file or directory" and I don't know why and if it causes any damage.

Please let me know if you need any other information. I be glad if someone will be able to help me. thanks ahead.

Answer 1

I don't know if this is what you are looking for exactly but this is a script you can edit and run. I use it to throttle my connections and test web apps.

#!/bin/bash
#
#  tc uses the following units when passed as a parameter.
#  kbps: Kilobytes per second 
#  mbps: Megabytes per second
#  kbit: Kilobits per second
#  mbit: Megabits per second
#  bps: Bytes per second 
#       Amounts of data can be specified in:
#       kb or k: Kilobytes
#       mb or m: Megabytes
#       mbit: Megabits
#       kbit: Kilobits
#  To get the byte figure from bits, divide the number by 8 bit
#

#
# Name of the traffic control command.
TC=/sbin/tc

# The network interface we're planning on limiting bandwidth.
IF=`ip addr | grep 2: | cut -d' ' -f2 | cut -d: -f1`

# Latency
LAT_1=200ms          # Base latency
LAT_2=50ms           # Plus or minus
LAT_3=25%            # Based on previous packet %
# Dropping packets
DROP_1=5%            # Base probability
DROP_2=25%           # Based on previous packet %
# Bandwidth
#DNLD=33kbps          # DOWNLOAD Limit
#UPLD=33kbps          # UPLOAD Limit
DNLD=1Mbps          # DOWNLOAD Limit
UPLD=1Mbps          # UPLOAD Limit

# IP address of the machine we are controlling
IP=`ip addr | grep "inet " | tail -1 | cut -d' ' -f6 | cut -d/ -f1`

# Filter options for limiting the intended interface.
U32="$TC filter add dev $IF protocol ip parent 1:0 prio 1 u32"

# We'll use Hierarchical Token Bucket (HTB) to shape bandwidth.
# For detailed configuration options, please consult Linux man
# page.

#$TC qdisc add dev $IF root handle 2: netem delay $LAT_1 $LAT_2 $LAT_3     loss $DROP_1 $DROP_2
$TC qdisc add dev $IF root handle 2: netem delay $LAT_1 $LAT_2 $LAT_3 loss $DROP_1 $DROP_2
$TC qdisc add dev $IF parent 2: handle 1: htb default 30
$TC class add dev $IF parent 1: classid 1:1 htb rate $DNLD
$TC class add dev $IF parent 1: classid 1:2 htb rate $UPLD
$U32 match ip dst $IP/32 flowid 1:1
$U32 match ip src $IP/32 flowid 1:2

# The first line creates the root qdisc, and the next three lines
# create three child qdisc that are to be used to shape download 
# and upload bandwidth.
#
# The 5th and 6th line creates the filter to match the interface.
# The 'dst' IP address is used to limit download speed, and the 
# 'src' IP address is used to limit upload speed.

echo Limit to $DNLD on $IF for $IP