Help! The problem with Bandwidth Manager in ClearOS 7.2. Terms used in ClearOS 6 do not work. I used ClearOS 6: /etc/clearos/firewall.conf
1||0x10001000|0|1.2.3.4:1.2.3.254||eth0:0:0:0:0:0:3072:3072 \
2||0x10001000|0|1.2.3.4:1.2.3.254||eth0:0:1:0:256:256:0:0 \

Sorry for being away all this time... For my problem about distributing the bandwidth between all my users the fix proposed by Peter worked as a charm. I've been able to confirm it with ntop. Thank you guys ^^

solved it..
it's due to previous lan card that stil intact in the EXTIF
after removing the unused eth

the connection is stabilized again

I have issues with BM Version 1.4.37-1

when the BM in OFF , my speedtest result is like this :


when i turn ON the BM :


while the setting of BM is like this:



what is the problem ?

this is what the log look like in /var/log/system when the BM in ON

Jun 27 20:37:29 srhr firewall: HTB Class 1:10, priority: 0, rate: 250kbit, ceil: 2600kbit, interface: imq1
Jun 27 20:37:29 srhr firewall: HTB Class 1:10, source address: 192.168.1.21, destination address: 110
Jun 27 20:37:29 srhr firewall: HTB Class 1:10, priority: 0, rate: 250kbit, ceil: 2600kbit, interface: imq6
Jun 27 20:37:29 srhr firewall: HTB Class 1:10, source address: 110, destination address: 192.168.1.21
Jun 27 20:37:29 srhr firewall: HTB Class 1:11, priority: 0, rate: 250kbit, ceil: 2600kbit, interface: imq1
Jun 27 20:37:29 srhr firewall: HTB Class 1:11, source address: 172.16.9.2, destination address: 110
Jun 27 20:37:29 srhr firewall: HTB Class 1:11, priority: 0, rate: 250kbit, ceil: 2600kbit, interface: imq6
Jun 27 20:37:29 srhr firewall: HTB Class 1:11, source address: 110, destination address: 172.16.9.2
Jun 27 20:37:29 srhr firewall: HTB Class 1:12, priority: 0, rate: 250kbit, ceil: 2600kbit, interface: imq1
Jun 27 20:37:29 srhr firewall: HTB Class 1:12, source address: 172.16.9.2, destination address: 110
Jun 27 20:37:29 srhr firewall: HTB Class 1:12, priority: 0, rate: 250kbit, ceil: 2600kbit, interface: imq6
Jun 27 20:37:29 srhr firewall: HTB Class 1:12, source address: 110, destination address: 172.16.9.2
Jun 27 20:37:29 srhr firewall: HTB Class 1:13, priority: 0, rate: 250kbit, ceil: 2600kbit, interface: imq1
Jun 27 20:37:29 srhr firewall: HTB Class 1:13, source address: 192.168.1.21, destination address: 110
Jun 27 20:37:29 srhr firewall: HTB Class 1:13, priority: 0, rate: 250kbit, ceil: 2600kbit, interface: imq6
Jun 27 20:37:29 srhr firewall: HTB Class 1:13, source address: 110, destination address: 192.168.1.21
Jun 27 20:37:29 srhr firewall: HTB Class 1:14, priority: 0, rate: 250kbit, ceil: 2600kbit, interface: imq1
Jun 27 20:37:29 srhr firewall: HTB Class 1:14, source address: 192.168.1.21, destination address: 110
Jun 27 20:37:29 srhr firewall: HTB Class 1:14, priority: 0, rate: 250kbit, ceil: 2600kbit, interface: imq6
Jun 27 20:37:29 srhr firewall: HTB Class 1:14, source address: 110, destination address: 192.168.1.21
Jun 27 20:37:29 srhr firewall: HTB Class 1:15, priority: 0, rate: 250kbit, ceil: 2600kbit, interface: imq3
Jun 27 20:37:29 srhr firewall: HTB Class 1:15, source address: 192.168.1.21, destination address: 110
Jun 27 20:37:29 srhr firewall: HTB Class 1:15, priority: 0, rate: 250kbit, ceil: 2600kbit, interface: imq8
Jun 27 20:37:29 srhr firewall: HTB Class 1:15, source address: 110, destination address: 192.168.1.21
Jun 27 20:37:29 srhr firewall: HTB Class 1:16, priority: 0, rate: 250kbit, ceil: 2600kbit, interface: imq1
Jun 27 20:37:29 srhr firewall: HTB Class 1:16, source address: 172.16.9.2, destination address: 110
Jun 27 20:37:29 srhr firewall: HTB Class 1:16, priority: 0, rate: 250kbit, ceil: 2600kbit, interface: imq6
Jun 27 20:37:29 srhr firewall: HTB Class 1:16, source address: 110, destination address: 172.16.9.2
Jun 27 20:37:29 srhr firewall: HTB Class 1:17, priority: 0, rate: 250kbit, ceil: 2600kbit, interface: imq1
Jun 27 20:37:29 srhr firewall: HTB Class 1:17, source address: 172.16.9.2, destination address: 110
Jun 27 20:37:29 srhr firewall: HTB Class 1:17, priority: 0, rate: 250kbit, ceil: 2600kbit, interface: imq6
Jun 27 20:37:29 srhr firewall: HTB Class 1:17, source address: 110, destination address: 172.16.9.2
Jun 27 20:37:29 srhr firewall: HTB Class 1:18, priority: 0, rate: 250kbit, ceil: 2600kbit, interface: imq3
Jun 27 20:37:29 srhr firewall: HTB Class 1:18, source address: 172.16.9.2, destination address: 110
Jun 27 20:37:29 srhr firewall: HTB Class 1:18, priority: 0, rate: 250kbit, ceil: 2600kbit, interface: imq8
Jun 27 20:37:29 srhr firewall: HTB Class 1:18, source address: 110, destination address: 172.16.9.2
Jun 27 20:37:29 srhr firewall: HTB Class 1:19, priority: 0, rate: 250kbit, ceil: 2600kbit, interface: imq3
Jun 27 20:37:29 srhr firewall: HTB Class 1:19, source address: 172.16.9.2, destination address: 110
Jun 27 20:37:29 srhr firewall: HTB Class 1:19, priority: 0, rate: 250kbit, ceil: 2600kbit, interface: imq8
Jun 27 20:37:29 srhr firewall: HTB Class 1:19, source address: 110, destination address: 172.16.9.2

Unfortunately, I will be away until May 13. I'll circle back around when I'm back!

Here my some blind test:

eth0 (192.168.1.5) - to the LAN Networks
eth1 (192.168.0.5) - to the Internet

Nickname: Test01
Rule: Flowing to the network
Match Address: Destination - 192.168.5.187
Bandwidth: [Rate:1] [Ceiling:1] [Greed: Lowest]

Nickname: Test02
Rule: Flowing to the network
Match Address: Source - 192.168.5.187
Bandwidth: [Rate:1] [Ceiling:1] [Greed: Lowest]

#1st TEST#

1) Configuration file: /etc/clearos/firewall.conf

Test01||0x10001000|0|192.168.1.187||eth1:0:0:6:0:0:1:1 \
Test02||0x10001000|0|192.168.1.187||eth1:1:1:6:0:0:1:1 \

2) tc qdisc show
qdisc pfifo_fast 0: dev eth0 refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
qdisc pfifo_fast 0: dev eth1 refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
qdisc pfifo_fast 0: dev tun0 refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
qdisc htb 1: dev imq0 root refcnt 2 r2q 10 default 2 drirect_packets_stat 6
qdisc htb 1: dev imq1 root refcnt 2 r2q 10 default 2 drirect_packets_stat 0

3) tc class show dev imq0
-none-

4) tc class show dev imq1
class htb 1:11 root prio 6 rate 1000bit ceil 1000bit burst 1600b cburst 1600b
class htb 1:10 root prio 6 rate 1000bit ceil 1000bit burst 1600b cburst 1600b
class htb 1:12 root prio 6 rate 1000bit ceil 1000bit burst 1600b cburst 1600b

5) the results, still same, NO bandwidth control

#2nd TEST#
However, i try to changes something(eth1 -> eth0)

1) Configuration file: /etc/clearos/firewall.conf

Test01||0x10001000|0|192.168.1.187||eth0:0:0:6:0:0:1:1 \
Test02||0x10001000|0|192.168.1.187||eth0:1:1:6:0:0:1:1 \

2) firewall-start -d (Got Error)

firewall: Error /usr/clearos/apps/firewall/deploy/firewall.lua1473: bad argument #6 to 'format' (string expected, got nil)
Running firewall panic mode



Any ideas?
Thank you

Thank you Peter Baldwin,

However,
Yeah, my web proxy is running,, and, the results still same, my bandwidth is higher, even i put the "ceiling = 1" and "rate = 1"
This is my configuration (Gateway -> Content Filter & Proxy -> Web Proxy):

1) Settings
Transparent Mode: Enabled
User Authentication: Disabled
Performance Level: Home Network

2) Cache
Maximum Cache Size: 10 GB
Maximum Object Size: 500 MB
Maximum File Download Size: Unlimited


I have some question,
Is there any effects if i'm using VLAN on clearOS? VLAN working with firewall right?
this is my network architecture:

[Network]------[clearOS]------[Internet]

on clearOS:

1) To Internet:
eth1: 192.168.0.5

2) To Internal Network:
eth0: 192.168.1.5 (DHCP: 192.168.1.100-192.168.1.200)
eth0.5: 192.168.5.1 (DHCP: 192.168.5.100-192.168.5.200)
eth0.6: 192.168.6.1 (DHCP: 192.168.6.100-192.168.6.200)
eth0.7: 192.168.7.1 (DHCP: 192.168.7.100-192.168.7.200)
eth0.8: 192.168.8.1 (DHCP: 192.168.8.100-192.168.8.200)

eth0 - Open (for test purpose only, maybe that VLAN not working with bandwidth manager)
eth0.5 - Open
eth0.6 - Hidden SSID
eth0.7 - Captive Portal (Install Coova Chilli based on tutorial in clearOS - Up and Running)
eth0.8 - 802.1x

In my configuration:
/etc/clearos/firewall.conf

EXTIF="eth1"
LANIF="eth0 eth 0.5 eth0.6 eth0.7 eth0.8"

i put this configuration since clearOS block all packets from VLAN by firewall

Thank you

Do you have the web proxy running?

Seems like mostly in forums manage to made it works
However, i'm having problem, which, my Bandwidth Manager, not working properly with the advanced rules
i'm using:
ClearOS Community 6.4
Bandwidth Manager: 1.4.35-1 (the Beta version)

i want to limit the bandwidth, so, my configuration is:
Nickname: Open
Rule: Flowing to the network
Match Address: Destination - 192.168.5.187
Bandwidth: [Rate:1] [Ceiling:1] [Greed: Lowest] (1 = 1 kbps right? my client got more than 2Mbps)

Based on: /etc/clearos/firewall.conf
Open||0x10001000|0|192.168.5.187||eth1:0:0:6:0:0:1:1 \

However, no the bandwidth not affect for the client at 192.168.5.187 (iPad 2 - using testspeed.net)

Then, i try different configuration:
1) Rule: Flowing to the network, Source - 192.168.5.187
2) Rule: Flowing to the network, Destination - 192.168.5.187
3) Rule: Flowing from the network, Source - 192.168.5.187
4) Rule: Flowing from the network, Destination - 192.168.5.187

Still same results, not affect the client on 192.168.5.187

Any ideas?

John wrote:

Thanks Peter.. Bandwidth Manager isn't playing nice with QoS yet is it? I thought I read that was being worked on to have them work together.

Sorry, the new QoS app will not work with the Bandwidth Manager. However, the QoS app will have a way to control bandwidth to a certain extent. From what I understand, there will be a handful of "buckets" for managing QoS priorities and you can set bandwidth limits on individual "buckets". I'm not 100% sure about that... Darryl will need to provide more colour.

Thanks Peter.. Bandwidth Manager isn't playing nice with QoS yet is it? I thought I read that was being worked on to have them work together.

tharok wrote:

Hi Peter! I have tried what you told me but I think I have not explained myself well... If I specify a range of IPs all that IPs will share the speed (in this case, 125kb/s for everyone). I want that each user, separately, have a limit of 125Kb/s.

The range does in fact create separate 125kb/s rule for each IP. If you run the firewall in debug mode, you can see it in action: firewall-start -d

Note: Tim's advice is definitely worth following. The IP range hack is handy for wireless ISPs and multi-tenant deployments (not our target market).

Then you'll need to create a seperate rule for each? AFAIK the app doesn't enumerate the list, it will create just one filter entry for your IP range

P.S...the best approach with bandwidth management is to prioritise what services are critical, and leave everything else undefined and in the 'bulk' class...this way if your users are not using high priority services then they will just share what is left. This usually works better because your users get 375kb/s peak instead of 125kb/s max (using your figures), this reducing the overall peak traffic because it can be served quicker!

Hi Peter! I have tried what you told me but I think I have not explained myself well... If I specify a range of IPs all that IPs will share the speed (in this case, 125kb/s for everyone). I want that each user, separately, have a limit of 125Kb/s.

In example:
Imagine that I have 3 users, A, B and C, if I put a range of IPs on the bandwidth manager with a cap of 125Kb/s, the bandwidth will share this way: A+B+C=125Kb/s.
What I want is that A works with a cap of 125Kb/s, B another 125Kb/s and C another 125Kb/s.

I'm going to try it, thanks!!

Do you know how can I set a global limit to all the IPs of my network? I want that my users can't exceed 125Kb/s of bandwidth coming from the internet (I don't care about LAN and outcoming traffic)

The web interface no longer accepts IP ranges, but you can hack it in this way. Create an advanced rule:

- Nickname: my_nickname
- Direction: Flowing to the network
- Match: Destination @ 192.168.1.2
- Rate: 125
- Ceiling: 125

Go into the /etc/clearos/firewall.conf file and look for the new "my_nickname" rule. Change the IP (192.168.1.2) to an IP range (192.168.1.2:192.168.1.254). That should do it.

Thank you Peter, you are awesome! One last thing... Do you know how can I set a global limit to all the IPs of my network? I want that my users can't exceed 125Kb/s of bandwidth coming from the internet (I don't care about LAN and outcoming traffic). I have tried this with the old beta but the only way was creating manually all the rules, and I have more than 300 devices on my network...

The latest Bandwidth Manager is now available (version 1.4.35). The examples in the User Guide have all been updated and are in a "works for me" state. Keep in mind, the actual underlying bandwidth engine that was in version 5 has not fundamentally changed -- version 6 is mostly just a rework of the web interface.

Installation Instructions

From the command line:

yum --enablerepo=clearos-updates-testing install app-bandwidth

If you are not familiar with the command line, you can:

- Install the Software Repository app from Marketplace
- Go to Software Repository in the menu and enable the "clearos-updates-testing" repository
- Go to Software Updates in the menu to update the Bandwidth Manager to this test version

Gotchas

- There seems to be some issues with highly asymmetrical connections. On my home network, I have a 25 Mbps down, but only 0.8 up. Setting my upstream setting to the actual 0.8 (800 kbps) value slowed everything down. We'll need to figure this one out before the final release.

- The summary table for advanced rules doesn't show enough information and everything is squeezed in. It's a cosmetic/usability issue and something that we'll address.

- For users who worked with the previous release, there was a logic error on the "Source/Destination" (reversed) for the "Flowing to the network" direction. All fixed!

The update is sitting in the clearos-updates-testing repos. I'll be posting an announcement a little later today.

Peter Baldwin wrote:

Anything that is in test mode gets wiped when we move to a new version. We'll be making a new beta with advanced rules available on Tuesday. This time, the goal is to get it shipped before the end of the month!

Its Tuesday!!!!!

Any word if this is still on track?

Cool! In the meanwhile is there any way to "clean up" the stuff of the old beta? I had about 50 rules and I want to delete them, because I think they are still working even if the module doesn't have the advanced menus activated (maybe some file that I should check?). Thanks!

Anything that is in test mode gets wiped when we move to a new version. We'll be making a new beta with advanced rules available on Tuesday. This time, the goal is to get it shipped before the end of the month!

I have some problems with this now... I was using the beta app with the advanced rules to limit some users of my network and last night I saw a big update that included app-bandwidth. So I updated everything thinking about the features promised for ClearOS 6.4 about the bandwidth management. Now I have ClearOS 6.4.0 Final but the options for advanced rules have dissapeared... If I go to XX.XX.XX.XX/app/bandwidth/advanced/add I can add a rule and it works (thanks, Allan) but I can't manage all of them in that way, I have more than 250 users on my network and I need some sort of lists to help me with this.

So... Is there any way to properly reactivate the advanced functions? I have tried to update the module from the test repo but right now they are the same version

Dashboard says "ClearOS Community release 6.4.0 Beta (Beta 2)".
I managed to guess the URL for advanced rule: https://192.168.10.1:81/app/bandwidth/advanced/add. But now I'm not sure that is the right place or features i'm testing are not fully implemented yet.

@Allan when viewing you're development dashboard does it say 6.4.0 beta 1 or 2, or does it just say "ClearOS Community release 6.3.0 (Final)"

I've been struggling for days but I can't get this "Advanced Rule" tab to appear in webconfig. Am I doing something wrong?
1) Launching VMware Enterprise 6.3
2) During the initial setup 6.3 updates are installed automatically.
3) Only apps I choose from initial setup: bandwitdh manager, multi-wan
4) Upgrade to 6.4 beta 1 using "yum --enablerepo=clearos-updates-testing upgrade"
5) When I try to install new bandwidth manager described in the first post "yum --enablerepo=clearos-test install app-bandwidth", it says it's already updated.

"Advanded Rule" tab is simply not appearing. I've tried almost everything

Still waiting on the release of the QoS beta.

Is there any news on where we are at with the advanced rules?

Don't worry too much as it won't be on hold for long -- perhaps another month or so. Our hope is to get both QoS and bandwidth throttling by IP working in harmony. Getting both to work in harmony requires a different implementation under the hood (the UI won't change much, if at all). We didn't want to waste your time and our time with beta testing something that was going to be chucked away.

If harmonizing the two technologies is not possible, we'll still have the option of using one or the other but not both at the same time. We'll keep marching forward once that decision has been made.

It is disappointing to hear that the feature is on hold, given that it is one of the primary reasons I use ClearOS.

I don't know what the vast majority of users out there need, but I know that I, like millions of other Comcast customers, am restricted to 250GB a month and would like to have a way to degrade bandwidth as the estimate of what will be used approaches 250GB. I know that isn't this feature, but I made it a manual version of that feature by enabling and disabling rules on those month where I was approaching the limit. This is becoming more and more of a problem as we move to more and more streaming media and it seems every device we have wants internet access.

While I agree that VoIP "should just work," my worry is that a QoS system that knows about VoIP will not know about other protocols like CrashPlan's, that might also be reasonable to degrade in favor of VoIP, much like Netflix or a torrent.

And I'd rather not throttle all bandwidth, unless I'm quite close to the 250GB limit. I'd prefer to slow down my offsite backup and still be able to watch a Netflix streamed movie in HD.

Thanks.

This feature is on hold at the moment. Darryl - the ClearOS network guru - is working on QoS. For the vast majority of users out there, QoS is more important than bandwidth limits. VoIP should "just work" even if a bunch of Netflix streams and Bittorrent clients are active. There's a possibility that having bandwidth limits by IP address might not mix well with QoS. If there's a way to merge the two concepts, the implementation will be different.

Just to clarify, throttling overall bandwidth is not a problem, but throttling by IP might be. If you need to throttle overall bandwidth, then setting the "upstream/downstream" limits on the interface should do the trick... I think.

So, I've done some further blind experimentation. I compared the config in 5.2 to 6.3 and noticed a difference.

In 6.3:
CrashPlan_UP_Normal||0x10001000|0|192.168.72.224|4242|eth0:1:1:5:100:400:0:0 \

In 5.2:
CrashPlan_UP_Normal||0x10001000|0|192.168.72.224|4242|eth0:0:0:5:100:400:0:0 \

If I change the 1:1 to 0:0, then the advanced bandwidth rule works.

If I look in the config in web config, those parameters seem to be 0 = source and 1 = destination, because now my rule shows as: CrashPlan_UP_Normal Destination 192.168.72.224 Destination 4242

So, now, is my understanding wrong, or is webconfig wrong, or is the advanced bandwidth manager applying the rules to the wrong device? I am trying to slow down the rate at which a computer is uploading data out to the internet. Unfortunately, the webconfig doesn't allow editing, but I believe I said "flowing from the network", gave the computer's IP address and said it was the "source" and set the port, saying it was the "source". This didn't work. When I changed the rule, per what I have shown above, it works, but now it says the computer and port are the destination and they definitively are not the destination, they are the source of the data being uploaded.

[Edit: I removed the diff between the working and non-working tc -s filter ls dev imq0, because I'm no longer convinced that I had the information correct and didn't want to confuse anyone. Given that dev imq1 seems to be about downloading and imq0 seems to be about uploading, I'm wonder if I set the flowing to/from the network correctly at the original rule.

I am now convinced that webconfig has the source/destination mixed up, when I set flowing to the network, destination IP, destination port, I get a rule that limits uploading data from the network. When I set flowing from the network, source IP, source port, I get a rule that limits downloading to the network.]

Thanks.

Given what I saw in the logs, I'm thinking that the advanced bandwidth manager uses tc. Is this correct?

Yes.

I hope that someone can help with this or I'll need to go back to 5.2.

Given this has taken as long as it has I wouldn't hold my breath. 5.2 is very sea-worthy and won't need to be replaced for some time.

Sometimes having the new version isn't what's important.

Given what I saw in the logs, I'm thinking that the advanced bandwidth manager uses tc. Is this correct?

In order to try to understand how this works, I simplified the rules to only have one, where the upload speed is limited on upload. In /etc/clearos/firewall.conf, the important line is:
CrashPlan_UP_Normal||0x10001000|0|192.168.72.224|4242|eth0:1:1:5:100:400:0:0 \

Here is what I see:
tc qdisc show
qdisc mq 0: dev eth0 root
qdisc mq 0: dev eth1 root
qdisc mq 0: dev eth2 root
qdisc htb 1: dev imq0 root refcnt 2 r2q 1 default 2 direct_packets_stat 0
qdisc prio 10: dev imq0 parent 1:2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
qdisc pfifo 100: dev imq0 parent 10:1 limit 11000p
qdisc sfq 200: dev imq0 parent 10:2 limit 127p quantum 16000b perturb 10sec
qdisc sfq 300: dev imq0 parent 10:3 limit 127p quantum 16000b perturb 10sec
qdisc htb 1: dev imq1 root refcnt 2 r2q 1 default 2 direct_packets_stat 0
qdisc prio 10: dev imq1 parent 1:2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
qdisc pfifo 100: dev imq1 parent 10:1 limit 11000p
qdisc sfq 200: dev imq1 parent 10:2 limit 127p quantum 16000b perturb 10sec
qdisc sfq 300: dev imq1 parent 10:3 limit 127p quantum 16000b perturb 10sec

I also see:
tc class show dev imq0
class htb 1:10 parent 1:1 prio 5 rate 100000bit ceil 400000bit burst 1600b cburst 1600b
class htb 1:1 root rate 6000Kbit ceil 6000Kbit burst 1599b cburst 1599b
class htb 1:2 parent 1:1 leaf 10: prio 7 rate 750000bit ceil 6000Kbit burst 1599b cburst 1599b

It seems the rate of 100 kpbs and ceiling of 400kbps is in the 1:10 class.

Perhaps the information above will to help to get the advanced bandwidth manager working.

I hope that someone can help with this or I'll need to go back to 5.2.

Thanks.

I've installed the test bandwidth manager and it doesn't work. Other parts of the firewall, such as port forwarding work, but not the advanced rules.

I use CrashPlan and I've tried to set it to not suck up all my bandwidth, but it doesn't slow it down at all. If I look in /etc/clearos/firewall.conf, this is what I see (along with other things):
CrashPlan_UP_Normal||0x10001000|0|192.168.72.224|4242|eth0:1:1:6:100:800:0:0 \
CrashPlan_UP_Slow||0x00001000|0|192.168.72.224|4242|eth0:1:1:6:50:50:0:0 \

Ordinarily, I run the "normal" profile, but if I'm approaching Comcast's 250GB limit, then I'll disable the "normal" one and enable the "slow" configuration. This has worked great with Clear 5.2. (Though an automatic on that slows crashplan down if the straight line estimate is approaching 250 would be worth some money to me.)

If I look in /var/logs/system, I see things like:
Nov 8 22:21:51 vanir firewall: HTB Class 1:10, priority: 5, rate: 100kbit, ceil: 800kbit, interface: imq1
Nov 8 22:21:51 vanir firewall: HTB Class 1:10, source address: NONE, destination address: 192.168.72.224:4242
Nov 8 22:21:51 vanir firewall: HTB Class 1:10, priority: 6, rate: 100kbit, ceil: 800kbit, interface: imq0
Nov 8 22:21:51 vanir firewall: HTB Class 1:10, source address: NONE, destination address: 192.168.72.224:4242
Nov 8 22:21:51 vanir firewall: HTB Class 1:11, priority: 6, rate: 100kbit, ceil: 800kbit, interface: imq0
Nov 8 22:21:51 vanir firewall: HTB Class 1:11, source address: NONE, destination address: 192.168.72.224:4242

I don't really understand why I see 3 here, when really I've defined 4 rules. Two normal and two slow, for up and down.

In any event, if someone has some advice on how to get this to work, I'd really appreciate it.

Thank you.

Miles

That's cute, forum software won't accept attachments without an extension.

Looks like I got taken out by Google's spam filter.

Delivery to the following recipient failed permanently:



     developer@clearfoundation.com



Technical details of permanent failure: 

Message rejected by Google Groups.

PFA. [file name=system.txt size=85077]http://www.clearfoundation.com/media/kunena/attachments/legacy/files/system.txt[/file]

Sent, trimmed to include only entries between installing the app-bandwidth beta and removing app-bandwidth-core.

Peter

copy of logfile has been forwarded to the requested e-mail address

On looking at the log myself it appears to go from when I first installed and set up the server, about the first 48 - 72 hours are setting up and I installed the advanced rules beta straight into this system, I note the rules I entered never appear in the log but after I removed the advanced rules and installed the market place version these actually appear in the log and the incidence of errors (php) reduces significantly