Hello folks!

I have recently installed RedHat 8.0 and am using it as a gateway.
I use Iptables for firewalling and ip masquerading, now this works as its supposed to.
It even works very good!

Im portforwarding port 80, 21 & 20 to an internal machine and this works fine to.

Now to my problem #1.
Im using TC with cbq for shaping and this almost works as it is supposed to.... I have put a test uplink bandwidth at 480Kbits/s (~60 kbytes/s) and well It limits the connection to 60 with one or two bursts here and there... But its very uneven, it seeems to be struggeling alot and stalling a hell of a lot, the connection is going on a rollercoaster from 33 kbytes/s - 70 kbyts/s. It works but it looks ugly

Problem # 2.
Now this is the REAL problem. I use Stochastic Fairness so that one tcp-flow does not drain another... now this seems to work in the manner that a ftp-flow doesn't drain a http-flow and the other way around, BUT...
If I have one user on my ftp and the shaping limit (rate with cbq) set at say 60 kbyts/s it looks ok, the rate has a good effect, but if another user login on the ftp-server he only gets like 10 - 0 kbytes/s, in other words, he gets drained by the first user, now this was unexpected to me, I thought they would level out to something like 30/30 kb/s but they dont...

I've read about using HTB instead of CBQ but it seems my kernel-configuration doesnt fully support it and I dont know *nix that well... installed redhat 8 a week ago and before that I havent touched a linux box in three years... (but I remebered if you do an ls -a in /bin you really should pipe it through less/more <--- my current knowledge of *nix is hereby explained)

What I want to accomplish is to make CBQ work with multiple ftp-users and have a stable shaped uplink connection... I have followed the guides and ripped most of the scripts from the exellent howto at http://lartc.org, and now Im soooo close! Help me!

The script Im using for the shaping is located here: http://lartc.org/howto/lartc.cookboo...c.html#AEN2183 I hardly changed anything in the script so, thats pretty much what Im using.