Warning: before you untar the Arbitrator releases, please read the How-To, as well as any items in the Change Log relating to the version.

. arbitrator9.62.tar.gz this is the GPL version. It does not come with a GUI, nor is reporting included in this version. Those items are licensed with our commercial products only. This version runs on the Linux 2.6.5 kernel. No other patches are required since iptables and ebtables are already in this kernel. READ THE CHANGE LOG FOR INFO ON THIS VERSION.

. arbitrator8.63.tar.gz this is the GPL version. This is currently the most stable version based on the 2.4.19 kernel. It does not come with a GUI, nor is reporting included in this version. Those items are licensed with our commercial products only. This version runs on the Linux 2.4.19 kernel. READ THE CHANGE LOG FOR INFO ON THIS VERSION.

. callnetplot version 1.0 for plotting MULTIPLE VLANs. This is a user-donated perl script which should be used with 8.25. Other versions may be able to be tweaked to use this as well with a little work.
. sanity.tar.gz
Version 1.21 is a watchdog utility type program for the Arbi. You can read the README by clicking here.

. userlimit1.0.tar.gz
This is a beta release and we welcome beta customers. Enforce Bandwidth Caps on monthly/daily or hourly usage, take actions when caps are exceeded. You can read the README by clicking here.

. arbiqos1.1.tar.gz
This is a beta release and we welcome beta customers. You can find the docs for ArbiQos by clicking here.

. apccrond - Perl cron like helper app

. asciiplot2.0 - Perl plot routine that creates ASCII graphs in the form of horizontal bar charts. You could modify the code to output graphics instead of ASCII *'s for use with web apps. Here is the README.

. bridge-utils-0.9.5.tar
. bridge-nf-0.0.7-against-2.4.19.diff for the 2.4.19 kernels.

Off site links

. 2.6.5 Kernel Source


Interested in simulating traffic? Please visit our partner Candela Technologies.


Arbitrator Change Log

Version 9.62

Added /art/conncount utility so you can easily see how many connections an IP has.

Version 8.63

Fixes of minor bugs in our 2.4.19 kernel version code.

Version 9.61

Fixes for our 2.6.5 kernel code to improve the total amount of bandwidth that can be handled.

Version 9.6

Fixes for our 2.6.5 kernel code that could result in kernel panics or kmsgs upon putting large amounts of bandwidth through it.

Version 9.51

This version is based on the 2.6.5 kernel source. Because of this there are more drivers available such as new network drivers and Scsi drivers and so on. This version is an update of the 8.6 version with VLANS built in as well. No patches are required except the Arbitrator files since Iptables and EBtables are built into this kernel.

Version 8.6

8.6 introduces a release where the VLANS (virtual trunking) feature is backward compatible with previous releases that did not have virtual trunking.

What this means is you can upgrade to 8.6 from 8.22 - 8.2x without changing configuration or defining VLANS.

This version requires a rebuild of the 2.4.19 kernel and bridge tools.

Version 8.24

Fixed an uninitialized variable in total bandwidth counting.

Both bridge utils and kernel need recompiling for this version.

Version 9.1

Revised code so that it will now work using kernel 2.4.25 w/ebtables patch applied.
You must use the 2.4.25 kernel source and then patch with the ebtables patch and then apply this code afterwards. You cannot use this version as is with any other kernel source version or without ebtables.

You still need to use the bridge-utils-0.9.5.tar, but do not use the bridge-nf-0.0.7-against-2.4.19.diff of course.

Version 8.22

Fixes typo in /etc/init.d/arbitrate so it removes hard limits.

Version 8.21


New buffering and tweaking for hard limits.
This version will require a rebuild of kernel and bridge utils.

Version 8.1

New Features

Capability of setting hard limits now per host IP or a range of hosts starting with x.x.x.x/y

Hard limit has an in and out value you can set per host IP.

ADD_CONFIG HARD x.x.x.x/y inval outval range

Version 7.74

New Features

We have modified this version of the Bandwidth Arbitrator to handle even more users than before. The connection tracking table can now handle 5000 connections, which will easily work on networks with 3000 active users and 6000 total users.

Version 7.70


The value that made the GPL version quit after 4 days had been left on; it has now been toggled off, which it should have been before.

New Features

This release provides a system-wide connection limit for your network. With a single command you can limit the number of active connections to all hosts on your network.

For example

Host A,B,C are outside your network

Host D,E,F,G are on your network

If you set the network wide connection limit to "2" for incoming connections, then if HOST(s) A B and C try to connect to HOST D on your network, only two will be allowed.

To limit incoming connections

/art/ADD_CONFIG CONNECTION x.x.x.x/32 val 999999 [0,1]

Where the ip address is put does not matter but must be there.

Version 7.65

Patches a build problem with the 7.64 kernel and adds a key mechanism to build systems with restricted bandwidth.

Version 7.64

Tweaked the way MAC related tasks were handled to resolve issues that some people were finding when using mostly MAC shaping.
No need to recompile if you are already on 7.6x. New files are in /art

Version 7.63

Changed /art/new2 so that changing downlink takes effect without restarting. Old bug that resurfaced.

Changed the way percentage affected rules to make it more precise.

Version 7.62

Changed /art/new2 so that toggling off default rules does not also toggle off user rules.

Version 7.61

Major optimizations to allow for handling shaping rules, up to 3 times as many rules may be processed before running out of CPU.

Fixed a serious problem with the internal perl signaling which was causing systems to crash when changing rules.

Further smoothing of how penalties are released to make bandwidth limiting steadier.

Added getbrain2 to the archive.

Version 7.53

Revised /art/BROWSE_CONFIG to show RATIO

Version 7.52

Fixes for brctl that were supposed to be in the previous release but didn't make it somehow.

You will need to recompile the kernel and bridge utils if coming from 7.3x and you will need to recompile the bridge utils if coming from 7.51

Version 7.51

ADD_CONFIG CONNECTION x.x.x.x/y val port direction

The direction parameter is new to the 7.51 release. A value of 0 indicates limit incoming connections to host, a value of 1 indicates limit the total number of outgoing connections from the host. For backward compatibility you can leave the "direction" parameter off and the connection limit will default to incoming.

"x.x.x.x" = the host; y must be 32.

"val" = connections allowed before dropping new connections.

Setting the port to 0 will limit all connections coming into this host.

Setting the port value will do the following, please READ carefully. When the port value is set the number of connections coming to/from the host on all ports will be counted. When the number of connections on ALL ports exceeds "val" new connections to the specified "port" will be denied.

Connections are defined as any two IP addresses talking to each other.
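
The port and direction semantics above, written out as a small Python model. This is an added example, not Arbitrator code. Assumptions: a new connection is refused once the count has reached "val" (matching the two-of-three outcome in the 7.70 example), a pair of IPs that is already counted is not treated as new, and the class name, function names and sample addresses are constructed for illustration.

```python
from dataclasses import dataclass, field

INCOMING, OUTGOING = 0, 1  # values of the "direction" parameter


@dataclass
class ConnectionRule:
    """Model of: ADD_CONFIG CONNECTION x.x.x.x/32 val port direction"""
    host: str                  # the x.x.x.x of the rule (y must be 32)
    val: int                   # connections allowed before new ones are dropped
    port: int = 0              # 0 = the limit applies to every port
    direction: int = INCOMING  # left off, the limit defaults to incoming
    peers: set = field(default_factory=set)  # remote IPs counted so far

    def admit(self, src: str, dst: str, dport: int) -> bool:
        """Return True if a new connection src -> dst:dport is allowed."""
        if self.direction == INCOMING:
            local, peer = dst, src
        else:
            local, peer = src, dst
        if local != self.host:
            return True   # rule does not cover this host in this direction
        if peer in self.peers:
            return True   # a connection is a pair of IPs; already counted
        # Connections on ALL ports are counted against val ...
        at_limit = len(self.peers) >= self.val
        # ... but with a non-zero port only that port is refused.
        port_covered = self.port == 0 or dport == self.port
        if at_limit and port_covered:
            return False
        self.peers.add(peer)
        return True


def replay(rule, attempts):
    """Feed (src, dst, dport) attempts to a rule; return allow/deny list."""
    return [rule.admit(src, dst, dport) for src, dst, dport in attempts]


# Constructed sample addresses (documentation ranges), not from the page.
HOST = "192.0.2.4"
A, B, C, D = ("198.51.100.%d" % n for n in range(1, 5))

if __name__ == "__main__":
    # port 0: the third remote host is refused on any port
    print(replay(ConnectionRule(HOST, 2), [(A, HOST, 80), (B, HOST, 22), (C, HOST, 25)]))
    # port 80: hosts on other ports still count, only port 80 is refused
    print(replay(ConnectionRule(HOST, 2, port=80),
                 [(A, HOST, 22), (B, HOST, 25), (C, HOST, 80), (C, HOST, 22), (D, HOST, 80)]))
    # direction 1: limits what the host opens, not what reaches it
    print(replay(ConnectionRule(HOST, 1, direction=OUTGOING),
                 [(HOST, A, 443), (HOST, B, 443), (C, HOST, 80)]))
```

The second run shows the point the notes ask you to read carefully: with a port set, connections on other ports keep being admitted and keep raising the count, so the limited port can stay closed to new hosts even though "val" was never reached on that port alone.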

A new parameter RATIO has been added. This parameter allows the administrator to tell the arbitrator (default rules) not to create any Penalties until the utilization on the trunk exceeds "RATIO". Ratio should be set from 1 to 100. For example, setting Ratio to 90 on a 100kbs trunk will disable any arbitration of data until the trunk utilization hits 90kbs. Ratio applies to both TRUNK_UP and TRUNK_DOWN directions.

Version 7.32

Added new utility getbrain2

This new utility will allow you to look at usage by application. It will only show you the current active usage for selected applications (BEARSHARE, GNUTELLA, WINMX and so forth). You must turn on application shaping for each individual application you wish to track. Be careful not to turn on too many at one time unless needed; shaping applications will tax your CPU utilization.

Also if you are just interested in tracking application usage with this utility and not shaping then set the percent value to 100 and nothing will get penalized.

Version 7.31

Fixed typo/bug in start up routine

Version 7.3

You can now start the arbitrator and tell it to run in double time; essentially what this means is that it will do analysis on bandwidth usage twice a second instead of once a second.

This version is meant for use in doing QOS type activities where it is important to scale back hogs more quickly. If you choose to use double time on the standard arbitrator it is advised that you also scale back the PENALTY_UNIT parameter as the combination of a smaller PENALTY_UNIT and double time should give you smoother shaping.

The trade-off with using double time, is that it will use quite a bit more resources. Keep an eye on system cpu usage.

Version 7.25

Fixes for

UPLINK and DOWNLINK limits by host

Default rules not staying off when they were supposed to be off

Content Filtering is now fixed

Version 7.0 beta


In the 7.0 release the Arbitrator now makes all default shaping decisions on UPLINK and DOWNLINK traffic.

In this release you must tell the Arbitrator the speed of your TRUNK_UP and TRUNK_DOWN. Once this is in place, the Arbitrator will penalize uplink and downlink hogs based on the amount of traffic they use in a specific direction. Prior to this release the Arbitrator summed the traffic for a hog in both directions and compared that sum to the bandwidth of the bi-directional trunk. Many ISPs have different speeds for UPLINK and DOWNLINK, so this new version allows for better utilization of those resources.

This release also auto detects the direction of traffic across the Arbitrator, there is no need for any reference IP.

Also in this release we have added edonkey emule shaping and a fix for bittorrent.

We have also disabled some of the lesser used features in this release. These include:

1) The Compound Limit Feature
No plans to support this at this time.

2) Priority Host Feature
The Priority Hosts feature was so specialized that we have created a separate Arbiqos release in the GPL and a professional product for QOS features.

3) We have disabled some of the command line time of day scheduling capabilities.

We plan to use our embedded cron facility for more robust scheduling. We will write a new front end for this in the GUI tools, the current command line tool does not allow for day of week or multiple intervals.

Version 6.31

Fixed a typo in ADD_CONFIG which made adding a mask impossible if you had version 6.3

Version 6.3

Fixes for possible kernel panic conditions


MAC uplink and downlink commands now available via REMOVE_CONFIG and ADD_CONFIG
The 6.3 version does require a kernel/modules and bridge utils recompile

Version 6.2
Shape by MAC Address
Limit number of connections to a host
The 6.2 version does require a kernel/modules and bridge utils recompile

Version 6.0

Fixes to clear up loopholes in application shaping for Kazaa and Gnutella.

It is recommended that you increase INACTIVE_TICS to 1500 when shaping p2p applications.

It is also the first release with connection limits by host and port. With this feature you can reduce the threat of denial-of-service attacks. It won't prevent them, but it will keep your servers from getting completely overwhelmed.

Connection limits are also useful to keep the number of Gnutella connections down for a particular host.

Gnutella clients can create hundreds of download connections when downloading just a few files.

When upgrading to 6.0 you will have to recompile the kernel and the bridge utils also.

Version 5.55


/art/new2 was fixed to allow BRAIN_SIZE on initial startup to take the correct value from arbdefault.

Version 5.54


/art/new2 was revised so that arblog doesn't continue to grow and grow. Now 30 mins will be stored and then it will be saved out to an arblog.bak so you will not ever have more than 60 mins worth of logging in those files.

Version 5.53


Fixed a Content Filter problem that was created by the changes in 5.52

5.53 will require a kernel compile.

Version 5.52


Fixed a port tracking problem where the port was not showing the correct port. This would not affect the core program but reporting was not showing correctly

Fixed a negative value in the brain table that was cosmetic for the most part

5.52 will require a kernel recompile

Version 5.51


Fixed /art/new2 so that it did not complain about the new kbs values it now sees when shaping by kbs. Also a precedence problem in a compare statement in /art/new2 was fixed.

Version 5.5


You can now specify a SHAPE amount by kbs instead of a percentage of the trunk size. Simply add kbs after the number you want like 60000kbs

You can turn off the default shaping mode of Arbi with a toggle in arbdefault.conf now.


/art/MODIFY_CONFIG was adding extra spaces to the arbdefault.conf when modifying an APP and a couple of regex were fixed so they didn't error when enabled

No compiling is necessary from 5.4. You do need to add the line that pertains to the new config option in arbdefault.conf for the default shaping to any older version of arbdefault.conf you want to keep.

Version 5.4


Ports were not being updated in the brain if they started the connection on one port and then switched to a different port.

We have a fix coming for the UPLINK DOWNLINK feature. It had some quirks.

We have a fix for application patterns, when you stop the arbitrator and then restart it they were not getting cleaned up correctly.

And lastly there was a problem with the IMAP problem: if you set it, it causes the KERNEL to throw errors to the log. Needless to say, IMAP was not being detected.

There were modifications to the kernel source so you will need to recompile

Version 5.3

In this release the major enhancement is the ability to limit a single user to a fixed amount of traffic per application.

For example:

To keep the user at from using more than 50kbs for BEARSHARE you would do the following.

1) Assuming you have a 5mbs Trunk , you would do the following.

First Turn on APP SHAPING for BEARSHARE in general by


Notice I set the BEARSHARE limit for the whole trunk to 100 percent because I had no desire to limit BEARSHARE trunk wide.

Now ADD in the specific host(s) you want to limit for BEARSHARE

And you are done.

To REMOVE this rule


Caveats to this utility.

The 5.3 release does not support persistence, if you reboot you must re-enter the rules (most users just write a start-up script)

The 5.3 release does not support modify for these "Compound" limits, you must remove and then add to change.

Also in 5.3 a fix to allow the increase of MAX_PENALTY.

Version 5.2


Added the ability to limit bandwidth in the UPLINK and DOWNLINK directions for the same IP or host
Smoothed out the shaping so fluctuations are not as drastic
Added two new patterns RDP and MSNMESSeNGEr

Only Changes from 5.1 are in the /art directory. No need to recompile from 5.1

Version 5.1


Added CONTENT_FILTER2 which is a commandline version of CONTENT_FILTER which is interactive in nature.


/art/new2 was revised to fix a warning when used in Debian which can be ignored but was annoying.

Version 5.0
New Features
Content filtering

Use the new command CONTENT_FILTER to add filters to /etc/arbdefault.conf, use ADD_CONFIG and REMOVE_CONFIG to enable and disable the content filters.


You can increase the number of BUFFERS which corresponds to the number of simultaneous penalties.

Prior to release 5.0 you had to use the lower level brctl/setbuff command to increase buffers and the change only took effect if you did a start/stop on the Arbitrator (not good if you want your system to recover on a reboot to its original configuration)

The new parameter also shows up in the BROWSE_CONFIG command.

5.0 will require a full recompile.

Version 4.63
New Features

In this release, we have created three configuration parameters to make it easy to set up an external IP address to remotely contact the arbitrator in a "two ethernet" card configuration.


They allow you to set an IP address for the bridge, which is essentially just like setting up the normal IP address on a host, except that with a bridge you have to do it a bit differently. So the arbitrator start up routine will do the IP set up for you if you set these parameters up.

Use the standard MODIFY_CONFIG utility to set values for these parameters. This will store these in arbdefault.conf

MODIFY_CONFIG, ADD_CONFIG, REMOVE_CONFIG and BROWSE_CONFIG were all updated to work with the new values.

Some limits were upped in the bridge code as well.

The 4.63 version does require a kernel/modules and bridge utils recompile

Version 4.62

This mode works just like LIMIT PERCENT but it is only applied to the traffic coming from host/subnet. To see the syntax of how to use the UPLINK LIMIT, run the ADD_CONFIG command from the console without any parameters, and it will display the usage syntax for setting up this type of LIMIT.


Same as UPLINK but the opposite direction, limits traffic going to the specified host/subnet.

Version 4.61
Fixes and Features

1) Tightened the scope of WINMX application shaping
2) Fixed problem with only one application shaping rule in effect at one time
3) Fixed a problem with the FTP pattern (typo from last release broke FTP application shaping)
4) Added shaping for RSTP
5) Fixed problem with modifying MAX_PENALTY and PENALTY_UNIT using MODIFY_CONFIG (fixes are in NEW2)
6) Made a fix in ADD_CONFIG , was having trouble with the "+" sign in a regular expression. This was needed for WINMX

The 4.61 version will require a rebuild of the kernel/modules and the bridge utils

Version 4.6
New Features
/art/REMOVE_CONFIG - now you can remove MASK, SHAPE LIMIT, SHAPE PORT, etc from the commandline without touching arbdefault.conf and without manually restarting Arbi.

New APP shaping for WINMX

New kernel mods to support removing APPS (fixes that bug where we ran out of space for APPS, keeps you from putting the same app in the kernel twice on a restart of the arbitrator)

The 4.6 version will require a rebuild of the kernel/modules

Version 4.51

Bugs Fixed

/art/ADD_CONFIG bugs fixed
/art/MODIFY_CONFIG typos fixed
/art/new2 bugs fixed
/etc/init.d/arbitrate bug fixed where start_it should have been killed before new2 was killed upon a stop.

Version 4.5

New Features

/art/ADD_CONFIG - add new configs to Arbi on the fly without restarting.
/art/BROWSE_CONFIG - the official way to look at your parameters.
/art/test_config4.5.sh - the official test configuration utility

Bugs Fixed

Fixed all known typos and/or bugs in files in /art already.

Those upgrading from 4.4 or 4.41 can just run ./install.sh and there is no need to recompile the bridge-utils nor the kernel or modules this time. All changes were done in /art (except for one line commented out in a bridge-utils file, but it is only cosmetic).

Version 4.41

Bugs Fixed

Fixed typo in /art/new2 and commented out the shaping that was left turned on in the /etc/arbdefault.conf.

Version 4.4

New Features

/art/MODIFY_CONFIG Dynamically change your shaping parameters on the fly.

BROWSE_PARAMS - coming soon
lists out all parameters and their current settings or just the
named parameter of your choice

ADD_CONFIG - coming soon
lets you add a shaping rule or mask to a running system

REMOVE_CONFIG - coming soon
lets you remove an existing shaping rule or mask from a running system

Version 4.31

New Features

Added Experimental app shaping for
Novell Core Protocol NCP
AOL AIM content

It also now supports a 0 percent shaping option. There is a footnote (a note in the conf file) that this is not perfect for ftp. This 0 percent feature should not be used as a failsafe firewall for apps yet, as small bits of data do slip through.

Fixed a small bug in the new2 command.

Version 4.3

Fixed the quirks in the pattern finding mechanism; now you can just brctl debug 2 any time.
Added application shaping for ftp; we now detect ftp when it port hops.
Added shaping for smtp
Added shaping for pressplay, musicmatch, live365
Experimental shaping for realplayer
Optimized the application shaper to be more efficient.
Added the changelog to the archive so you could see what version you had last by looking at this file.

Version 4.21

New install.sh routine for install included.
New directory structure for the releases in the tar.gz format so you don't have to worry about where you untar the release any longer. Some people would have had problems if they did not see the Main How-to and instead of using a /scratch directory they untarred directly into their /usr/src. The new structure and naming is now safer.

Version 4.2
Added more app shaping in default configs plus added new routine and how to for finding new apps on your own.
