Shorewall : Simple Bandwidth Management

Misal :
Internet interface eth0 : 192.168.1.1
Intranet interface eth1 : 192.168.0.1

/etc/shorewall/shorewall.conf
TC_ENABLED=Yes

/etc/shorewall/interfaces
net eth0 detect
loc eth1 detect

/etc/shorewall/masq
eth0 192.168.0.0/24

/etc/shorewall/tcdevices
#INTERFACE IN-BANDWITH OUT-BANDWIDTH
eth0 1024kbit 256kbit
eth1 100mbit 100mbit

ket :
eth0 mengarah ke speedol paket familia, paket gantinya game, paket gantinya office (cek http://telkomspeedy.com)
eth1 mengarah ke LAN/Intranet, mengapa 100mbit ? ya karena di mesin shorewall ini akan ada beberapa service ssh, samba, dan web LOKAL

/etc/shorewall/tcclasses
#INTERFACE MARK RATE CEIL PRIORITY OPTIONS
eth1 1 100mbit 100mbit 1 tcp-ack,tos-minimize-delay
eth1 2 384kbit full 2

diatas adalah contoh, contoh yang aq buat² sesuai keinginanku sendiri :D

/etc/shorewall/tcrules
#MARK SOURCE DEST PROTO PORT(S) CLIENT USER
# PORT(S)
1:F 0.0.0.0/0 0.0.0.0/0 icmp echo-request
1:F 0.0.0.0/0 0.0.0.0/0 icmp echo-reply
1:F 0.0.0.0/0 0.0.0.0/0 ssh 22
2:F 192.168.0.2/32 0.0.0.0/0 all
2:F 192.168.0.3/32 0.0.0.0/0 all

More