
QoS Classification: KB Transferred - how measured and how reset?

Discussion in 'Tomato Firmware' started by m078, Aug 11, 2007.

  1. m078

    m078 LI Guru Member

    Port forwarding using IPTABLES (was QoS Classification: KB Transferred)

    I'm trying to better understand the Tomato QoS Classification, and particularly the "KB Transferred" amount(s).

    Does the "KB Transferred" value apply to each connection, or to the cumulative total of all such connections?

    If the latter, how to reset the total?

    What I'm trying to do is to put a daily limit on a certain type of traffic.

  2. mraneri

    mraneri LI Guru Member

    I think it's per connect... I.e. open a connection from this port on this PC to that port on that PC and the kb counter starts at 0. Once the total data transferred reaches x, adjust the priority. Close and reopen the connection, and the counter resets...

    Each visit to a web page may open 1-100 or more separate connections as each separate component from each separate location gets downloaded.

    I'm not sure of a way to do what you want to do, but the stock QOS settings in Tomato won't do it for you.

    - Mike
  3. m078

    m078 LI Guru Member

    Thanks Mike,

    Having had a rethink, I've decided I can achieve more or less what I want by keeping 2 ports closed during the day, and having them open midnight to 8am when I have "unlimited" usage.

    I think I can do port forwarding with IPTABLES (not that I know anything about it, so it will be an interesting exercise). Would have a cron job at midnight to forward them and one before 8am to cancel the forwarding.

    Assuming it is possible, do you see any conflict with Tomato by doing this?
  4. azeari

    azeari LI Guru Member

    Shouldn't have any problems based on what you've suggested. Just remember to use cru instead, something on the FAQ I can't remember.
  5. m078

    m078 LI Guru Member

    Ok, that worked. I'm forwarding port 1947 for TCP traffic, and port 1948 for UDP. Here's what I put in the firewall script:
    cru a A "0 0 * * * /usr/sbin/iptables -t nat -I PREROUTING 1 -p tcp --dport 1947 -j DNAT --to"
    cru a B "1 0 * * * /usr/sbin/iptables -t nat -I PREROUTING 2 -p udp --dport 1948 -j DNAT --to"
    cru a C "2 0 * * * /usr/sbin/iptables -I FORWARD 1 -p tcp -d --dport 1947 -j ACCEPT"
    cru a D "3 0 * * * /usr/sbin/iptables -I FORWARD 2 -p udp -d --dport 1948 -j ACCEPT"
    cru a W "0 3 * * * /usr/sbin/iptables -D FORWARD 2"
    cru a X "1 3 * * * /usr/sbin/iptables -D FORWARD 1"
    cru a Y "2 3 * * * /usr/sbin/iptables -t nat -D PREROUTING 2"
    cru a Z "3 3 * * * /usr/sbin/iptables -t nat -D PREROUTING 1"
    I'm forwarding at around midnight, and cancelling the forwarding at around 3am. I spaced each instruction by a minute just in case, but I guess that's not really needed.
    Please do suggest any improvements as I'm a total novice.

    A couple of further questions:

    1. If I make any firewall related change using the Tomato GUI (e.g. what is logged in SYSLOG) then the forwarding gets reset. Is there any way I can preserve the forwarding instruction when I make such a change?

    2. Cancelling the port forwarding doesn't cancel any active connection(s). Is there some way to cancel them? (I guess I could reboot)

    It's a pity that each of the functions available through the Tomato GUI isn't also available as a command line function that could be put in a script. Would others find that useful?
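
An added example, not part of the original thread: one script that opens or closes the two forwards according to the current hour, deleting rules by their full specification instead of by position so that it can be re-run safely. It assumes the Tomato firewall script is executed again whenever the GUI rebuilds the rules; `LAN_IP`, the `IPT` dry-run switch and the function names are constructed for the example.

```shell
#!/bin/sh
# Added example, not code from the thread. LAN_IP is a constructed placeholder.
LAN_IP="192.0.2.10"            # assumption: the internal host to forward to
IPT="${IPT:-echo iptables}"    # dry run by default; on the router: IPT=/usr/sbin/iptables
START=0                        # hour the ports open (midnight, as in the thread)
END=3                          # hour they close (3am, as in the thread)

# in_window HOUR: true when HOUR is in [START, END), including windows that wrap midnight
in_window() {
    h=${1#0}; h=${h:-0}        # "08" -> 8, so the value is never read as octal
    if [ "$START" -le "$END" ]; then
        [ "$h" -ge "$START" ] && [ "$h" -lt "$END" ]
    else
        [ "$h" -ge "$START" ] || [ "$h" -lt "$END" ]
    fi
}

# rule_specs: one "table chain rule-spec" line per rule, shared by insert and delete
rule_specs() {
    echo "nat PREROUTING -p tcp --dport 1947 -j DNAT --to-destination $LAN_IP"
    echo "nat PREROUTING -p udp --dport 1948 -j DNAT --to-destination $LAN_IP"
    echo "filter FORWARD -p tcp -d $LAN_IP --dport 1947 -j ACCEPT"
    echo "filter FORWARD -p udp -d $LAN_IP --dport 1948 -j ACCEPT"
}

# apply_rules open|close: always delete by full spec first, so re-running never
# stacks duplicates and never removes a neighbouring rule by position
apply_rules() {
    rule_specs | while read -r table chain spec; do
        $IPT -t "$table" -D "$chain" $spec 2>/dev/null || true
        if [ "$1" = open ]; then
            $IPT -t "$table" -I "$chain" $spec
        fi
    done
}

# sync_rules HOUR: bring the rules in line with the schedule for that hour
sync_rules() {
    if in_window "$1"; then apply_rules open; else apply_rules close; fi
}

sync_rules "$(date +%H)"
```

Calling this script from the firewall script and from two `cru` entries (one at the opening hour, one at the closing hour) keeps the forwards in step with the schedule after a firewall restart. Like the original commands, it does not terminate connections that are already established.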
