limiting traffic of a certain range of internal IPs

[Aphex3K]

Hey Folks,

I'm using my GentooBox as Router for a long time now. I'm using IPtables for forwarding the DSL Internet Traffic to my internal LAN.

Now I want to limit the traffic of the IP Range 192.168.0.XXX where XXX is a number above 29.

Anobody having experience with that?

Thanks in Advance
_________________
managing a server running gentoo...

[aetius]

define "limit the traffic".

[Aphex3K]

All IPs above something like 192.168.0.29 should only use 50KByte/s of my 1,5MBit ADSL Internet connection.

I googled a bit, and found out that wondershaper might be a proper solution but i haven't used it yet.
_________________
managing a server running gentoo...

[aetius]

The shaping solutions do have the ability to work on specific addresses or ranges. You might find it easier to separate those machines onto a different subnet. The HOWTO has that information (section 9.6.2). You'll need the right options in your kernel config -- they are under:

Device Drivers -> Networking Support -> Networking Options -> QoS and/or fair queueing

in menuconfig. Remember that you can only rate-limit traffic that is leaving the machine, unless you want to try the ingress qdisc. That means you should rate-limit incoming traffic on the internal interface (leaving your router for the internal network), and outgoing traffic on the external interface (leaving your router for the outside world).

Also, you'll probably want to modify the shaper commands in wondershaper to control the traffic at a much lower rate -- since your goal is not to improve interactivity, but rather to control the raw amount of traffic.

[Aphex3K]

O k, sounds pretty logical to my but how do i do this exactly? Which HOWTO do you mean? Got a link?
_________________
managing a server running gentoo...

[aetius]

Since you mentioned Wondershaper I thought you were already there:

http://lartc.org/