Limit transfer on blue network

(Adam S) #1

Hello i have proxy with 3 interfaces - red (wan), green (lan), and blue (guests + wifi).
I must limit transfer for guests about - 70 % for green / 30 % for blue.
Is it possible ? I try do it with traffic shapping on interface rules but i only see one interface (red) dont see blue and green :frowning: .

(Adam S) #2

I mean speed transfer - no limit :slight_smile:

(Artem Fedai) #3

yes in Code there is only RED


This feature could be a real good killing feature :smile:

Make traffic shapping for all interface, to prioritized the green over the blue lan.
And for type of traffic download, streaming, and so on.

(Artem Fedai) #5

@Adam_S I have made little patch that would show not only RED but also it would show VLAN and BLUE:

(Artem Fedai) #6
[root@nethserver Interfaces]# db tc show

(Giacomo Sanchietti) #7

Sorry to disagree, but I think you are misunderstanding how traffic shaping works.
It can be handled only on red interfaces.
From shorewall manual ( ):

Simple Traffic Shaping is only appropriate on interfaces where output queuing occurs. As a consequence, you usually only use it on extermal interfaces.

Still, we can implement what you are asking for, but it should be done in a different way. We can extended the “Address rules” tab inside the “Traffic shaping” page by allowing the creation of rules based on CIDR objects.

Regarding the pull request by @Nas, probably the part about VLAN can be accepted (but it should be tested if Shorewall complains about it); sadly, the blue part should be removed.

(Adam S) #8

Ok thanks for help. Thats bad :frowning: Then can i make something to limit download speed for this interface (blue) in proxy or firewall ?

(Giacomo Sanchietti) #9

Proxy still doesn’t have such a feature, but squid already supports it.
If you want, I can post a template-custom to lower the priority of the blue network.

(Alessio Fattorini) #10

No template-custom is needed, just a little workaround:

  • create a cidr firewall object called “bluenet”

  • execute this command

    db tc set "cidr;bluenet" ip Description "Low priority blue net" Priority 3
      signal-event firewall-adjust

Now you should see a new rule called “Low priority blue net” in the Traffic shaping page

It would be definitely nice since it’s a very requested feature as @davide_marini can confirm

(Adam S) #11

Ok thanks. I only ask.

  1. When i execute this command, on my traffic shapping appear new rule “Low priority blue net” and blue interface at the moment will be working with prioryty 3 ? right?
  2. Default priority on all interfaces is 10 (without this command) ?
  3. when something do wrong with this command How can I undo this operation?

Thanks for reply :smile:

(Artem Fedai) #12

Kindly use :

db tc delete "cidr;bluenet" ip Description "Low priority blue net" Priority 3

(Alessio Fattorini) #13
  1. Yes it’s right.
  2. Yes it’s right
  3. You can delete the rule by the UI as well

(Adam S) #14

Okey thanks for help.

(Alessio Fattorini) #15

Let me know it works or not marking the thread as resolved

(Adam S) #16

I make on “firewall objects” on tab “CIDR subnets” new rule called “bluenet” , network “”.
Next i open ssh and execute: db tc set "cidr;bluenet" ip Description "Low priority blue net" Priority 3 signal-event firewall-adjust
When i go to “traffic shapping” to “address rules” tab i see:
Address: CIDR network bluenet
Priority: Low
Description: Low priority bluenet
and i can now manually change prioryty by EDIT button: Low, Medium, High

Nice work :smile:
but i dont know how to check if it works?

(Alessio Fattorini) #17

I think you should start a download from the green and from the blue seeing the different priority and bandwidth