Re: [bwm-tools-tech] error during #bwmd --foreground
Brought to you by:
nkukard
Menu
▾
▴
Re: [bwm-tools-tech] error during #bwmd --foreground
|
From: Kobe L. <ko...@mo...> - 2006-02-27 06:06:35
|
Then your rules are wrong ;-) You should be able to figure this ons out! Check: - the ip adresses used - try other 'general rules' like 'each packet coming on 'eth0' (or whatever you lan interface is) rajveer singh wrote: > > Dear Mr, Kobe, > i checked it with bwm_monitor, there was not movement in traffice. I'm > 100% sure that bwmd deamen is already running as u can see the > following output: - > linux:~ # ps -aux|grep bwmd > Warning: bad ps syntax, perhaps a bogus '-'? See > http://procps.sf.net/faq.html > root 6842 0.0 0.3 12144 1632 ? Ssl 10:24 0:00 bwmd > root 7196 0.0 0.1 1828 612 pts/1 S+ 10:34 0:00 grep bwmd > linux:~ # > > And this please this is the output of bwm_monitor > > BWM Monitor v0.2.2 - Copyright (c) 2003-2005 Linux Based Systems > Design > ├───────────────────────────────────────────────┐│ > > ││ > ┌──────────────┐ > > ││ │ main_line > │ > ││ > │-flow_machine1│ > > ││ │ flow_machine2│ ┌─┤ > Traffic Flow: flow_machine1 > ├─────────────────────┐ > ││ > └──────────────┘ > │ > │ ││ > │ Limits: > │ ││ > │ > │ > ││ │ Max Rate : 16000 > Burst Rate: 32000 │ > ││ │ Queue Len: > 64 Queue Size: 16384 │ > ││ │ > │ > ││ │ Current: > │ > ││ │ > │ > ││ │ > Rate : 0 Rate Avg : 0 │ > ││ > │ Pkt/s : 0 Pkt/s Avg : 0 │ > ││ > │ Queue Len: 0.00% Queue Size: 0.00% │ > ││ > │ Bursts : 0 Drops : 0 > │ ││ > │ > │ ││ > │ > │ > ││ │ Press any key > to quit... │ > ││ > └─────────────────────────────────────────────────────┘ > > > > this is a output of iptables -L -n -v > linux:~ # iptables -L -v -n > Chain INPUT (policy ACCEPT 185 packets, 49326 bytes) > pkts bytes target prot opt in out source destination > 8484 3253K bwmd all -- * * 0.0.0.0/0 0.0.0.0/0 > > Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) > pkts bytes target prot opt in out source destination > 5 310 bwmd all -- * * 0.0.0.0/0 0.0.0.0/0 > > Chain OUTPUT (policy ACCEPT 8732 packets, 3148K bytes) > pkts bytes target prot opt in out source destination > > Chain bwmd (2 references) > pkts bytes target prot opt in out source destination > 5 310 QUEUE all -- * * 0.0.0.0/0 > 0.0.0.0/0 MARK match !0x0 > 8483 3253K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 > linux:~ # > > and this is a output of iptables -L -n -v -t mangle > linux:~ # iptables -L -v -n -t mangle > Chain PREROUTING (policy ACCEPT 10069 packets, 3604K bytes) > pkts bytes target prot opt in out source destination > > Chain INPUT (policy ACCEPT 9160 packets, 3494K bytes) > pkts bytes target prot opt in out source destination > > Chain FORWARD (policy ACCEPT 5 packets, 310 bytes) > pkts bytes target prot opt in out source destination > 0 0 MARK tcp -- * * 192.168.0.1 > 0.0.0.0/0 MARK set 0x3e9 > 5 310 MARK udp -- * * 192.168.0.1 > 0.0.0.0/0 MARK set 0x3e9 > 0 0 MARK tcp -- * * 192.168.0.2 > 0.0.0.0/0 MARK set 0x3ea > 0 0 MARK udp -- * * 192.168.0.2 > 0.0.0.0/0 MARK set 0x3ea > > Chain OUTPUT (policy ACCEPT 9253 packets, 3338K bytes) > pkts bytes target prot opt in out source destination > > Chain POSTROUTING (policy ACCEPT 9258 packets, 3338K bytes) > pkts bytes target prot opt in out source destination > > Chain bwmd (0 references) > pkts bytes target prot opt in out source destination > 0 0 QUEUE all -- * * 0.0.0.0/0 > 0.0.0.0/0 MARK match !0x0 > 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 > linux:~ # > > You can see in mangle table's bwmd chain, the counter is not going up > where as the bwmd chain of filter chain is happening something. Please > see and suggest me where i'm making mistakes > > With thanks & regards > > Rajveer Singh > > On Sun, 26 Feb 2006 Kobe Lenjou wrote : > >Did you check the good working with 'bwm_monitor' and is the bwmd > deamon running? > > > >Also, try iptables -L -n -v to see any counters going up > > > >Greetz > >Kobe > > > >rajveer singh wrote: > >> > >> Hi all, > >> > >>Thanks Mr. Kobe for providing steps it helps me a lot. but i goes to > monitor there nothing is happening. > >>my /etc/bwm_tools/firewall's contents are as below > >> > >> # Global configuration and access classes > >> > >> > >> > >> <global> > >><modules> > >> <load name="ip_queue"/> > >></modules> > >> <class name="out_machine1"> > >><address name="out_machine1_tcp" proto="tcp" src="192.168.0.1"/> > >><address name="out_machine1_udp" proto="udp" src="192.168.0.1"/> > >></class> > >> > >> <class name="out_machine2"> > >><address name="out_machine2_tcp" proto="tcp" src="192.168.0.2"/> > >><address name="out_machine2_udp" proto="udp" src="192.168.0.2"/> > >></class> > >> > >></global> > >> > >> > >> # Access control lists > >> # Network address translation > >> # Traffic flows > >> > >> <traffic> > >> > >> # Rate can be specified in either IN, OUT or TOTAL (rate-total) > >> # If rate-total == 0, no rate limits > >> > >> > >><flow name="main_line" stats-len="5" queue-size="262144" > queue-len="400" max-rate="64000" burst-rate="65000" report-timeout="60"> > >> <flow name="flow_machine1" max-rate="16000" > burst-rate="32000" queue-size="16384" report-timeout="60"> > >> <queue prio="99" nfmark="1001"> > >> out_machine1; > >> </queue> > >> </flow> > >> <flow name="flow_machine2" max-rate="16000" > burst-rate="32000" queue-size="16384" report-timeout="60"> > >> <queue prio="99" nfmark="1002"> > >> out_machine2; > >> </queue> > >> </flow> > >></flow> > >></traffic> > >></firewall> > >> > >>and my contents of /etc/sysconfig/iptables are as below: > >> > >># Generated using BWM Firewall v0.2.2: Sat Feb 25 18:06:44 2006 > >> > >>*mangle > >>:OUTPUT ACCEPT > >>:INPUT ACCEPT > >>:FORWARD ACCEPT > >>-A FORWARD --source 192.168.0.1 --protocol tcp -j MARK --set-mark 1001 > >>-A FORWARD --source 192.168.0.1 --protocol udp -j MARK --set-mark 1001 > >>-A FORWARD --source 192.168.0.2 --protocol tcp -j MARK --set-mark 1002 > >>-A FORWARD --source 192.168.0.2 --protocol udp -j MARK --set-mark 1002 > >>COMMIT > >>*filter > >>:OUTPUT ACCEPT > >>:bwmd - > >>:INPUT ACCEPT > >>:FORWARD ACCEPT > >>-A bwmd -m mark ! --mark 0 -j QUEUE > >>COMMIT > >> > >>when i tried to create graph as per below > >>linux:~ # bwm_graph --flow="out_machine1 --start="2006/02/25 18:28" > --end="2006/02/25 18:30" output=/etc/file1 > >> > > >> > > >> > > >> > > >> > > >> > > >>nothing happen > >> > >>I'm thinking it's some problem in my firewall setup. I tried to > recognise it. but unable to find it. > >> > >> > >> > > > > <http://adworks.rediff.com/cgi-bin/AdWorks/sigclick.cgi/www.rediff.com/signature-home.htm/1507191490@Middle5?PARTNER=3> |
