Iptables – WireGuard: Limiting download & upload bandwidth

iptables tc vpn wireguard

I'm trying to limit the download and upload speed of each WireGuard peer to 512kbit.

The problem is that the following commands only limit the peer's download bandwidth and don't limit its upload bandwidth. Any help would be appreciated.

tc rules for an example peer with IP 10.7.0.2 and iptables mark 12:

tc qdisc add dev eth0 root handle 1: htb
tc qdisc add dev wg0 root handle 1: htb

tc class add dev eth0 parent 1:1 classid 1:12 htb rate 512kbit ceil 512kbit
tc qdisc add dev eth0 parent 1:12 sfq perturb 10
tc filter add dev eth0 protocol ip parent 1: prio 1 handle 12 fw flowid 1:12

tc class add dev wg0 parent 1:1 classid 1:12 htb rate 512kbit ceil 512kbit
tc qdisc add dev wg0 parent 1:12 sfq perturb 10
tc filter add dev wg0 protocol ip parent 1: prio 1 handle 12 fw flowid 1:12

And with iptables, I mark the peer with number 12 so that tc limits it:

iptables -I FORWARD -s 10.7.0.2 -j MARK --set-mark 12
iptables -I FORWARD -d 10.7.0.2 -j MARK --set-mark 12 

Thanks!

Best Answer

Fixed the problem using this code, from: https://stackoverflow.com/a/65248666/3411911

export IF_INET=eth0
export LIMIT=300kbit

tc qdisc add dev ${IF_INET} ingress

tc filter add dev ${IF_INET} protocol ip ingress prio 2 u32 match ip dst 0.0.0.0/0 action police rate ${LIMIT} burst ${LIMIT}
tc filter add dev ${IF_INET} protocol ip ingress prio 2 u32 match ip src 0.0.0.0/0 action police rate ${LIMIT} burst ${LIMIT}
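
A per-peer variant of the approach above, as an added example that is not part of the original question or answer: an HTB class on wg0 egress limits what a peer downloads, and an ingress policer on wg0 limits what it uploads, both matched on the peer's tunnel address rather than on iptables marks. The interface name wg0, the 32k burst and the function names are assumptions; the script only prints the tc commands.

```shell
#!/bin/sh
# Added example, not from the original post. Assumptions: wg0 is the WireGuard
# interface, each peer has one IPv4 tunnel address, class minors are operator-chosen.

# Validators: these values end up on a root command line, so reject anything odd.
valid_dev()   { case $1 in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac; }
valid_minor() { case $1 in ''|*[!0-9a-fA-F]*|?????*) return 1 ;; esac; }  # 1-4 hex digits
valid_rate() {                      # digits plus a tc bit-rate unit, e.g. 512kbit
    num=${1%%[!0-9]*}; unit=${1#"$num"}
    [ -n "$num" ] || return 1
    case $unit in bit|kbit|mbit|gbit) return 0 ;; *) return 1 ;; esac
}
valid_ipv4() {
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1; done
}

# One-time setup: HTB root for egress shaping, ingress qdisc for policing.
wg_setup_cmds() {
    valid_dev "$1" || return 1
    echo "tc qdisc add dev $1 root handle 1: htb"
    echo "tc qdisc add dev $1 handle ffff: ingress"
}

# Per-peer rules. Egress on wg0 is traffic sent to the peer (its download);
# ingress on wg0 is decrypted traffic received from the peer (its upload).
wg_peer_cmds() {
    dev=$1 ip=$2 minor=$3 rate=$4
    valid_dev "$dev" && valid_ipv4 "$ip" && valid_minor "$minor" \
        && valid_rate "$rate" || return 1
    echo "tc class add dev $dev parent 1: classid 1:$minor htb rate $rate ceil $rate"
    echo "tc qdisc add dev $dev parent 1:$minor sfq perturb 10"
    echo "tc filter add dev $dev parent 1: protocol ip prio 1 u32 match ip dst $ip/32 flowid 1:$minor"
    # Burst of 32k bytes is an assumed value; tune it for the chosen rate.
    echo "tc filter add dev $dev parent ffff: protocol ip prio 1 u32 match ip src $ip/32 action police rate $rate burst 32k conform-exceed drop"
}

# Sample peer taken from the question: 10.7.0.2, class 1:12, 512kbit.
wg_setup_cmds wg0
wg_peer_cmds wg0 10.7.0.2 12 512kbit
```

Review the printed commands, then run them as root; call wg_peer_cmds once per peer with a distinct class minor.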