[bwm-tools-tech] What is wrong with this config
From: Andrew N. <and...@gm...> - 2007-03-31 18:37:34
Ok I am trying to get bwm-tools running on a CentOS 4.4 box. It has two network interfaces in a bridge:

cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=00:0C:41:E2:A1:03
ONBOOT=yes
TYPE=Ethernet
BRIDGE=br0
#IPADDR=192.168.100.98
#NETMASK=255.255.255.0
#GATEWAY=192.168.100.1

cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
HWADDR=00:D0:B7:B3:96:69
ONBOOT=yes
TYPE=Ethernet
BRIDGE=br0

cat /etc/sysconfig/network-scripts/ifcfg-br0
DEVICE=br0
TYPE=Bridge
IPADDR=192.168.100.98
NETMASK=255.255.255.0
ONBOOT=yes

My firewall.xml file looks like this:

<firewall>
    # Global configuration and access classes
    <global>
        # Modules we need to load
        <modules>
            <load name="ip_queue"/>
        </modules>

        # BEGIN access classes
        <class name="ssh_traffic">
            <address dst="192.168.100.98" proto="tcp" dst-port="22"/>
        </class>
        <class name="http_traffic">
            <address dst="192.168.100.98" proto="tcp" dst-port="80"/>
        </class>
        # END access classes

        # Traffic Classes
        <class name="laptop_up">
            <address src="192.168.100.97"/>
        </class>
        <class name="laptop_down">
            <address src="! 192.168.100.97" dst="192.168.100.97"/>
        </class>
    </global>

    # Access control lists
    <acl>
        <table name="filter">
            <chain name="INPUT" default="ACCEPT">
                <rule name="allowed_traffic" target="ACCEPT">
                    http_traffic
                    ssh_traffic
                </rule>
            </chain>
            <chain name="FORWARD" default="ACCEPT">
            </chain>
            <chain name="OUTPUT" default="ACCEPT">
            </chain>
        </table>
    </acl>

    # Traffic flows
    <traffic>
        # Allow about 256k total usage
        <flow name="traffic_total" max-rate="32000" report-timeout="60">
            <flow name="flow_laptop_down" max-rate="25000" burst-rate="32000" report-timeout="60">
                <queue prio="40" nfmark="1001">laptop_down;</queue>
            </flow>
            # Only allow 64k upload
            <flow name="flow_laptop_up" max-rate="8000" report-timeout="60">
                <queue prio="30" nfmark="1002">laptop_up;</queue>
            </flow>
        </flow>
    </traffic>
</firewall>

I have ip_forwarding turned on in the CentOS box.

I load the firewall like this:

bwm_firewall -l

I then start bwmd in the foreground like this:

bwmd -f

In a new terminal I start bwm_monitor, and when I look at the stats for traffic total I don't see any packets flowing even though I am browsing the web with the laptop.

When I go to test, I expect my laptop that has an IP of 192.168.100.97 to get no more than 256k of download. Speed tests do not show that.

What am I missing? If I forgot any important information I can post it.

Thanks for any help in advance,
 _
/-\ ndrew