2

I want to run the following script on ubuntu server. eth1 is NAT interface, and eth2 is the WAN interface which has a static public ip:

TCA="tc class add dev eth2" TFA="tc filter add dev eth2" TQA="tc qdisc add dev eth2" SFQ="sfq perturb 10" tc qdisc del dev eth2 root tc qdisc add dev eth2 root handle 1: htb tc class add dev eth2 parent 1: classid 1:1 htb rate 4560kbit $TCA parent 1:1 classid 1:10 htb rate 2280kbit ceil 4560kbit prio 0 $TCA parent 1:1 classid 1:11 htb rate 912kbit ceil 4560kbit prio 1 $TCA parent 1:1 classid 1:12 htb rate 912kbit ceil 4560kbit prio 2 $TCA parent 1:1 classid 1:13 htb rate 10kbit ceil 10kbit prio 4 $TQA parent 1:10 handle 10: $SFQ $TQA parent 1:11 handle 11: $SFQ $TQA parent 1:12 handle 12: $SFQ $TQA parent 1:13 handle 13: $SFQ $TFA parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10 $TFA parent 1:0 prio 1 protocol ip handle 11 fw flowid 1:11 $TFA parent 1:0 prio 2 protocol ip handle 12 fw flowid 1:12 $TFA parent 1:0 prio 4 protocol ip handle 13 fw flowid 1:13 iptables -t mangle -A POSTROUTING -p tcp --sport 80 -j MARK --set-mark 10 iptables -t mangle -A POSTROUTING -p tcp --sport 443 -j MARK --set-mark 11 iptables -t mangle -A POSTROUTING -p tcp --sport 995 -j MARK --set-mark 12 iptables -t mangle -A POSTROUTING -p tcp --sport 1024:65535 -j MARK --set-mark 13 TCAU="tc class add dev imq0" TFAU="tc filter add dev imq0" TQAU="tc qdisc add dev imq0" modprobe imq modprobe ipt_IMQ ip link set imq0 up tc qdisc del dev imq0 root tc qdisc add dev imq0 root handle 1: htb tc class add dev imq0 parent 1: classid 1:1 htb rate 4560kbit $TCAU parent 1:1 classid 1:13 htb rate 10kbit ceil 10kbit prio 4 $TQAU parent 1:13 handle 13: $SFQ $TFAU parent 1:0 prio 4 protocol ip handle 13 fw flowid 1:13 iptables -t mangle -A PREROUTING -p tcp --dport 1024:65535 -j MARK --set-mark 13 iptables -t mangle -A PREROUTING -j IMQ --todev 0

When I do modprobe imq and modprobe ipt_IMQ I get the error kernel module is not found. Is there any way I can make this script work on ubuntu server?

Improve this question

3 Answers 3

Reset to default
3

You should patch your kernel to add support for IMQ. Here you find the patches http://www.linuximq.net/patches.html and here you will find details instructions how to compile it: http://ubuntuforums.org/showthread.php?t=1404537

Regards

Improve this answer
1
  • Only now I saw fab responded faster than me:) In essence is the same answer. Commented Mar 17, 2011 at 10:15
3

There is not out of the box solution in Ubuntu. You have to recompile your kernel with the imq patch applied. There are a lot of tutorials on how to do that. Here is the first I have found: http://ubuntuforums.org/showthread.php?t=1404537

Improve this answer
1

From what I understand, the ifb device is the successor to imq. I'm very new to imq/ifb queing, but I believe they can be used in the same way as each other. You can load the ifb module by running sudo modprobe ifb. Also, I came across this: "There is the also IMQ patch, but it is not recommended. The IMQ design is unsafe and ifb is better" (from http://www.spinics.net/lists/netfilter/msg49306.html).

Improve this answer
2
  • Thanks, the module exists in the ubuntu version I use. You saved me from taking up the risky task of compiling the kernel. Commented Mar 20, 2011 at 17:27
  • 1
    IFB and IMQ are quite different. IMQ filtering happens after packets went through netfilter (and that can be quite useful in some cases), that's not the case in IFB. Commented Sep 17, 2013 at 17:15

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.