Firewall rules don't take effect


Hi all,

All my attempts to shape my TCP traffic, either CBQ- or HTB-based, have
failed mysteriously, as if I had set no rule.

Please help me solve this problem:

On my LAN ( ), I'd like to configure my Linux Box ( whose
eth0 interface has IP ) in order to throttle the TCP traffic
that goes from the Internet down to my Linux box; that is, through my
gateway ( of IP ). But I still want to keep full rate in
bidirectional communications between my Linux Box and other hosts on my
LAN, and even my gateway itself.

My Ethernet adapter is 100 Mbits/s and let's say I want to keep Internet
downloads from my Linux Box below 64 Kbits/s.

The way I thought was right was to drop superfluous incoming packets
( beyond the limit of 64 Kbits/s ) so that the remote TCP socket would
auto-regulate its emit rate according to packet loss ratio.

Your help will be much appreciated.

Only volatile test configuration matters; no init/rc script(s).
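
The approach described in the post (drop inbound TCP above 64 kbit/s, leave LAN traffic alone) maps onto a `tc` ingress policer. The script below is an added example, not part of the original post; the LAN subnet is a constructed placeholder because the post's addresses are not shown, and the burst size is an assumption.

```shell
#!/bin/sh
# Added example: builds the tc commands for an ingress policer on the Linux box.
# LAN_CIDR is a constructed placeholder; the post's real addresses are not shown.
DEV="eth0"               # interface named in the post
LAN_CIDR="192.0.2.0/24"  # placeholder (documentation range); replace with the real LAN
RATE="64kbit"            # download limit named in the post
BURST="10k"              # assumed token-bucket size; must be at least one MTU

# Print the command list on stdout, one command per line.
ingress_policer_cmds() {
    dev=$1 lan=$2 rate=$3 burst=$4
    case $rate in
        *[0-9]kbit|*[0-9]mbit) ;;
        *) echo "bad rate: $rate" >&2; return 1 ;;
    esac
    # Start clean: remove any earlier ingress qdisc, then attach a new one.
    echo "tc qdisc del dev $dev ingress"
    echo "tc qdisc add dev $dev handle ffff: ingress"
    # prio 1: packets whose source is on the LAN (the gateway's own address
    # included) match first and pass at full rate. No police action here.
    echo "tc filter add dev $dev parent ffff: protocol ip prio 1 u32 match ip src $lan flowid :1"
    # prio 2: every other TCP packet is policed; anything over the rate is dropped.
    echo "tc filter add dev $dev parent ffff: protocol ip prio 2 u32 match ip protocol 6 0xff police rate $rate burst $burst drop flowid :1"
}

# Dry run by default; APPLY=1 (as root) pipes the commands to a shell.
if [ "${APPLY:-0}" = "1" ]; then
    ingress_policer_cmds "$DEV" "$LAN_CIDR" "$RATE" "$BURST" | sh -x
else
    ingress_policer_cmds "$DEV" "$LAN_CIDR" "$RATE" "$BURST"
fi
```

After applying, `tc -s filter show dev eth0 parent ffff:` prints the policer's packet and drop counters, which shows whether the rule is matching traffic at all. Nothing here is persistent; the rules vanish on reboot or with `tc qdisc del dev eth0 ingress`.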

