From f0b4b1f42e20870706ddbd0c85d0a716eeebcc51 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Mon, 26 Oct 2009 12:23:32 -0700 Subject: [PATCH] Add limit option to tcclasses --- Shorewall/Perl/Shorewall/Tc.pm | 7 ++++++- Shorewall/changelog.txt | 2 ++ Shorewall/releasenotes.txt | 7 +++++++ docs/traffic_shaping.xml | 16 +++++++++++++++- manpages/shorewall-tcclasses.xml | 22 ++++++++++++++++++++++ manpages6/shorewall6-tcclasses.xml | 22 ++++++++++++++++++++++ 6 files changed, 74 insertions(+), 2 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Tc.pm b/Shorewall/Perl/Shorewall/Tc.pm index 7865ea842..7c5dd064c 100644 --- a/Shorewall/Perl/Shorewall/Tc.pm +++ b/Shorewall/Perl/Shorewall/Tc.pm @@ -713,6 +713,7 @@ sub validate_tc_class( ) { parent => $parentclass, leaf => 1, guarantee => 0, + limit => 127, }; $tcref = $tcref->{$classnumber}; @@ -761,6 +762,10 @@ sub validate_tc_class( ) { $tcref->{occurs} = $occurs; $devref->{occurs} = 1; + } elsif ( $option =~ /^limit=(\d+)$/ ) { + warning_message "limit ignore with pfifo queuing" if $tcref->{pfifo}; + fatal_error "Invalid limit ($1)" if $1 < 3 || $1 > 127; + $tcref->{limit} = $1; } else { fatal_error "Unknown option ($option)"; } @@ -1153,7 +1158,7 @@ sub setup_traffic_shaping() { } } - emit( "run_tc qdisc add dev $device parent $classid handle ${classnum}: sfq quantum \$quantum limit 127 perturb 10" ) if $tcref->{leaf} && ! $tcref->{pfifo}; + emit( "run_tc qdisc add dev $device parent $classid handle ${classnum}: sfq quantum \$quantum limit $tcref->{limit} perturb 10" ) if $tcref->{leaf} && ! $tcref->{pfifo}; # # add filters # diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt index f9ae6094c..b448d82f1 100644 --- a/Shorewall/changelog.txt +++ b/Shorewall/changelog.txt @@ -28,6 +28,8 @@ Changes in Shorewall 4.4.3 14) Fix optional interfaces. +15) Add 'limit' option to tcclasses. + Changes in Shorewall 4.4.2 1) BUGFIX: Correct detection of Persistent SNAT support diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index 322855889..8f7c9c78f 100644 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -242,6 +242,13 @@ None. The value of this option becomes the default for the 'track' provider option in /etc/shorewall/providers. +3) A new 'limit' option has been added to + /etc/shorewall/tcclasses. This option specifies the number of + packets that are allowed to be queued within the class. Packets + exceeding this limit are dropped. The default value is 127 which is + the value that earlier versions of Shorewall used. The option is + ignored with a warning if the 'pfifo' option has been specified. + ---------------------------------------------------------------------------- N E W F E A T U R E S I N 4 . 4 . 0 ---------------------------------------------------------------------------- diff --git a/docs/traffic_shaping.xml b/docs/traffic_shaping.xml index b7cb5dc38..b65a0b12b 100644 --- a/docs/traffic_shaping.xml +++ b/docs/traffic_shaping.xml @@ -645,6 +645,20 @@ ppp0 6000kbit 500kbit that means that we want to use the source IP address before SNAT as the key. + + + pfifo - When specified for a leaf class, the pfifo queing + discipline is applied to the class rather than the sfq queuing + discipline. + + + + limit=number - Added in Shorewall + 4.4.3. When specified for a leaf class, specifies the maximum + number of packets that may be queued within the class. The + number must be > 2 and less than 128. If + not specified, the value 127 is assumed + @@ -2038,4 +2052,4 @@ class htb 1:120 parent 1:1 leaf 120: prio 2 quantum 1900 rate 76000bit ceil 2300 At least one Shorewall user has found this tool helpful: http://e2epi.internet2.edu/network-performance-toolkit.html - \ No newline at end of file + diff --git a/manpages/shorewall-tcclasses.xml b/manpages/shorewall-tcclasses.xml index f5d553382..1e69a1921 100644 --- a/manpages/shorewall-tcclasses.xml +++ b/manpages/shorewall-tcclasses.xml @@ -407,6 +407,28 @@ before NAT as the key. + + + pfifo + + + When specified for a leaf class, the pfifo queing + discipline is applied to the class rather than the sfq queuing + discipline. + + + + + limit=number + + + Added in Shorewall 4.4.3. When specified for a leaf + class, specifies the maximum number of packets that may be + queued within the class. The number must + be > 2 and less than 128. If not specified, the value 127 + is assumed. + + diff --git a/manpages6/shorewall6-tcclasses.xml b/manpages6/shorewall6-tcclasses.xml index ab31f1d37..81d50eae2 100644 --- a/manpages6/shorewall6-tcclasses.xml +++ b/manpages6/shorewall6-tcclasses.xml @@ -358,6 +358,28 @@ before NAT as the key. + + + pfifo + + + When specified for a leaf class, the pfifo queing + discipline is applied to the class rather than the sfq queuing + discipline. + + + + + limit=number + + + Added in Shorewall 4.4.3. When specified for a leaf + class, specifies the maximum number of packets that may be + queued within the class. The number must + be > 2 and less than 128. If not specified, the value 127 + is assumed. + +