Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

NAS How To

Shaping the traffic

With all that out of the way, we can now finally create the script that will shape our traffic. I'm not going to go into the theory here, as it is all in the document you read earlier (you did read it all, right? )

You might want to play around with these settings once you get the hang of it. We are going to create three scripts, one for iptables to mark the packets based on their source port number, one for traffic control (tc) to give different priorities to the packets based on how they have been marked, and one to clear them both so you can reset it.

First let's back up our current iptables:

cd /home/myname
mkdir shaping
cd shaping
iptables-save > blank_iptables

now create a text file:

vi marking_packets.sh

Mine looks a bit like this:

MARKPRIO1="1"

# Setting priority marks

iptables -t mangle -A OUTPUT -p tcp --sport 22 -j MARK --set-mark $MARKPRIO1
iptables -t mangle -A OUTPUT -p tcp --sport 80 -j MARK --set-mark $MARKPRIO1
iptables -t mangle -A OUTPUT -p tcp --sport 139 -j MARK --set-mark $MARKPRIO1
iptables -t mangle -A OUTPUT -p tcp --sport 138 -j MARK --set-mark $MARKPRIO1
iptables -t mangle -A OUTPUT -p tcp --sport 137 -j MARK --set-mark $MARKPRIO1

All this has done is mark SSH, HTTP and Samba traffic as the highest priority. Everything else is ignored. Save and quit the file and then make it executable with the following command:

chmod +x marking_packets.sh

Now create a file called iptables_quotas.sh which looks something like this:


#Constants
# Interface you want to do shaping on
# eth2, eth1 for direct connection; ppp0 or so for dsl
# and other dialup connections (check ifconfig)
IFACE=eth0

# Priority marks
MARKPRIO1="1"

# Rates
LAN_RATE="100mbit"
P2PRATE="200kbit"
PRIORATE4="100kbit"

# Quantum
QUANTUM1="1200"
QUANTUM4="150"

# Burst
BURST1="0k"
BURST4="0k"
CBURST1="0k"
CBURST4="0k"

# Set queue length for IFACE
ifconfig $IFACE txqueuelen 16

# Specify queue discipline
tc qdisc add dev $IFACE root handle 1:0 htb default 104 r2q 1

# Set root class
tc class add dev $IFACE parent 1:0 classid 1:1 htb rate $LAN_RATE burst $BURST1
cburst $CBURST1

# Specify sub classes
tc class add dev $IFACE parent 1:1 classid 1:101 htb rate $LAN_RATE ceil $LAN_RATE
quantum $QUANTUM1 burst $BURST1 cburst $CBURST1 prio 0
tc class add dev $IFACE parent 1:1 classid 1:104 htb rate $PRIORATE4 ceil $P2PRATE
quantum $QUANTUM4 burst $BURST4 cburst $CBURST4 prio 3

# Filter packets
tc filter add dev $IFACE parent 1:0 protocol ip prio 0 handle $MARKPRIO1 fw
classid 1:101
tc filter add dev $IFACE parent 1:0 protocol ip prio 3 handle $MARKPRIO4 fw
classid 1:104

# Add queuing disciplines
tc qdisc add dev $IFACE parent 1:101 sfq perturb 16 quantum $QUANTUM1
tc qdisc add dev $IFACE parent 1:104 sfq perturb 16 quantum $QUANTUM4

Now make it executable as before. Also if you need to reset iptables and tc, you can use the following script:

IFACE=eth0
tc qdisc del dev $IFACE root 2> /dev/null > /dev/null
tc class del dev $IFACE root 2> /dev/null > /dev/null
tc filter del dev $IFACE root 2> /dev/null > /dev/null
iptables-restore < blank_iptables

Now execute the two scripts with:

./marking_packets.sh
./iptables_quotas.sh

And that's it! If you've done everything correctly, no warnings or errors should appear. You can check that traffic shaping is working by changing the LAN_RATE to something like 10kbit and then try copying a file to or from the Xbox over your network and see how slow it is! Also you might want to play with the rate for P2PRATE and PRIORATE4 depending on your connection. My uplink speed is 256k and these settings seemed to work quite well. Even though traffic shaping is only being applied to data traffic going to and from the modified Xbox, since you've now tamed the voracious TorrentFlux client, you should be able to use your Internet connection for other activities again!

Congratulations, you now a have a fully working powerful NAS and you will be the envy of all your (slightly geeky) friends! There are plenty of things you could do with this project. You could have two big hard drives instead of the 2.5" drive. Perhaps software RAID it? Or if you add a switch and USB modem you could add routing capabilities to it. The world is your oyster!

More NAS

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Asuswrt-Merlin 384.13_2 (RT-AC87U and RT-AC3200), and 384.14 (other models) are now available.The 384.13_2 release mostly focuses on fixes backported ...
I have an asus rtn16 router with 2 laptops using the wireless network. I have an older HP laptop that I get download speeds using ookla download test ...
I was recently given a sonos beam for a birthday present so I connected it up to my rt ac 88 u running 13 . Now I can get the google assistant to work...
Hi..I have been looking and looking online for a few days now and I cannot find the answer to my question.Based on the research I've done on AiMesh, i...
Greetings, All.I am trying to figure out if I am just spinning my wheels, wasting time, and worse — wasting precious memory on my router, or if what I...

Don't Miss These

  • 1
  • 2
  • 3