[LARTC] newbie needs policing help

[Mike Wright <xktnniuymlla@mailinator.com>]

Hi listizens,

Complete tc newbie here.  I'm in a pinch because of a mail assault on a 
server.  I've firewalled away many of the most egregious offenders but 
non-smtp services are still being DOS'ed because of all the mail traffic.
Here is what I've tried.  (I did say newbie ;)

-----------------
#!/bin/sh
#
# policing parent
tc qdisc add dev eth0 handle ffff: ingress
#
# filter should slow tcp smtpd traffic to 64k max
tc filter add dev eth0 parent ffff: protocol ip prio 50 \
    u32 match ip dport 0x25 0xFFFF match ip protocol 0x06 0xff \
    police rate 55kbit burst 9k drop flowid :1
-----------------

...but I haven't the slightest idea how to check up on it.  e.g. with 
iproute2 I could say "ip route list" to see what was in there, but how 
can I check tc rules?  "tc qdisk show" gives some cryptic output but "tc 
filter show dev eth0" returns nothing.
(I'm not even sure if the above rules make any sense :(  )

Any helpers out there?

TIA,
Mike Wright :m)
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc