From mboxrd@z Thu Jan 1 00:00:00 1970 From: "jayesh" Date: Sat, 08 Jan 2005 15:32:05 +0000 Subject: [LARTC] script Message-Id: <002401c4f597$351c2400$fd00000a@jayesh> MIME-Version: 1 Content-Type: multipart/mixed; boundary="----=_NextPart_000_0021_01C4F5B0.5A623010" List-Id: References: <1076657524.2667.0.camel@zyon.co.za> In-Reply-To: <1076657524.2667.0.camel@zyon.co.za> To: lartc@vger.kernel.org This is a multi-part message in MIME format. ------=_NextPart_000_0021_01C4F5B0.5A623010 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable dear all=20 iam newbie , i have 256 kbits of down link and 64 kbits of up link iam = using squid and htb i have got this while browsing the net , there are = some few issues i need help=20 while running the script i want browsing to be as fast as possible , = uplink especially kaaza should not eat my band width.=20 eth1 got public ip address and eth0 is internal with network = 10.0.0.0/24 iam also using nat , how can i make squid incoporates with = htb (squid uses 3128) here is my script=20 #!/bin/bash TC=3D/sbin/tc=20 IPTABLES=3D/sbin/iptables $TC qdisc del dev eth0 root 2> /dev/null > /dev/null $TC qdisc del dev eth1 root 2> /dev/null > /dev/null $TC qdisc del dev eth1 ingress 2> /dev/null > /dev/null $IPTABLES -F POSTROUTING -t mangle $TC qdisc add dev eth0 root handle 1: htb default 50 r2q 2 $TC class add dev eth0 parent 1: classid 1:2 htb rate 248Kbit burst 35k $TC class add dev eth0 parent 1:2 classid 1:10 htb rate 220Kbit ceil = 240Kbit burst 25k prio 0 $TC class add dev eth0 parent 1:2 classid 1:30 htb rate 28Kbit ceil = 28Kbit burst 10k prio 1=20 $TC class add dev eth0 parent 1: classid 1:60 htb rate 1Kbit ceil = 100Mbit prio 1 $TC qdisc add dev eth0 parent 1:10 handle 11: sfq perturb 10 $TC qdisc add dev eth0 parent 1:30 handle 33: sfq perturb 10 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -j MARK = --set-mark 3 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp = --sport 80 -j MARK --set-mark 1 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp = --sport 443 -j MARK --set-mark 1 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp = --sport 22 -j MARK --set-mark 1 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp = --sport 21 -j MARK --set-mark 1 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp = --sport 53 -j MARK --set-mark 1=20 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p udp = --sport 53 -j MARK --set-mark 1=20 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp = --sport 110 -j MARK --set-mark 1 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp = --sport 5190 -j MARK --set-mark 1 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp = --sport 6661:6669 -j MARK --set-mark 1=20 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp = --sport 3128 -j MARK --set-mark 1 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p udp = --sport 3128 -j MARK --set-mark 1#$IPTABLES -t mangle -A POSTROUTING -o = eth0 -s ! 10.0.0.0/24 -p icmp -j MARK --set-mark 1 =20 $TC filter add dev eth0 parent 1:0 protocol ip handle 1 fw flowid 1:10 $TC filter add dev eth0 parent 1:0 protocol ip handle 3 fw flowid 1:30 $TC filter add dev eth0 parent 1:0 protocol ip prio 1 u32 \ match ip protocol 0x6 0xff \ match ip tos 0x10 0xff \ flowid 1:60 =20 ############################## $TC qdisc add dev eth1 root handle 1: htb default 20 $TC class add dev eth1 parent 1: classid 1:1 htb rate 62Kbit burst 35k $TC class add dev eth1 parent 1:1 classid 1:10 htb rate 40Kbit ceil = 60Kbit burst 25k prio 1 $TC class add dev eth1 parent 1:1 classid 1:20 htb rate 15Kbit ceil = 55Kbit burst 10k prio 2 $TC class add dev eth1 parent 1:1 classid 1:30 htb rate 7Kbit ceil = 28Kbit burst 5k prio 3 $TC qdisc add dev eth1 parent 1:10 handle 10: sfq perturb 10 $TC qdisc add dev eth1 parent 1:20 handle 20: sfq perturb 10 $TC qdisc add dev eth1 parent 1:30 handle 30: sfq perturb 10 $TC filter add dev eth1 parent 1:0 protocol ip prio 10 u32 \ match ip tos 0x10 0xff flowid 1:10 $TC filter add dev eth1 parent 1: protocol ip prio 10 u32 \ match ip protocol 6 0xff \ match u8 0x05 0x0f at 0 \ match u16 0x0000 0xffc0 at 2 \ match u8 0x10 0xff at 33 \ flowid 1:10 =20 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s ! 10.0.0.0/24 -j MARK = --set-mark 12 # $IPTABLES -t mangle -A POSTROUTING -o eth1 -s ! 10.0.0.0/24 -p icmp -j = MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s ! 10.0.0.0/24 -p tcp = --sport 22 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s ! 10.0.0.0/24 -p tcp = --sport 80 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s ! 10.0.0.0/24 -p tcp = --dport 80 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s ! 10.0.0.0/24 -p tcp = --dport 21 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s ! 10.0.0.0/24 -p tcp = --dport 20 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s ! 10.0.0.0/24 -p tcp = --sport 3128 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s ! 10.0.0.0/24 -p tcp = --dport 3128 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -j MARK = --set-mark 13 =20 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp --dport = 80 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp = --dport 443 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp = --dport 53 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p udp = --dport 53 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp = --dport 22 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp = --dport 23 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp = --dport 21 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp = --dport 25 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp = --dport 110 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp = --dport 5190 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp = --dport 6661:6669 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -p icmp -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s 10.0.0.0/24 -p udp --dport = 3128 -j MARK --set-mark 11 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s 10.0.0.0/24 -p tcp --dport = 3128 -j MARK --set-mark 11 #$IPTABLES -t mangle -A POSTROUTING -p icmp -j RETURN $TC filter add dev eth1 parent 1:0 protocol ip handle 11 fw flowid 1:10 $TC filter add dev eth1 parent 1:0 protocol ip handle 12 fw flowid 1:20 $TC filter add dev eth1 parent 1:0 protocol ip handle 13 fw flowid 1:30 please help with clarification=20 regards Dealing in Computers, Software and Peripherals=20 =20 Jayesh Chandran Compucat Technologies (An associate of Milan Cable Television) 1.Goliondoi Road, Arusha. 2.Ground Floor, Serengeti Wing, PB No. 10367, AICC, Arusha, Tanzania =20 jayesh@bol.co.tz tel:=20 fax:=20 mobile: +255 27 2502660 +255 27 2504527 +255 748 586169 =20 =20 =20 =20 =20 Add me to your address book... Want a signature like this?=20 =20 ------=_NextPart_000_0021_01C4F5B0.5A623010 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
dear all
iam  newbie , i have 256 kbits of = down link=20 and 64 kbits of up link iam using squid and htb i have got = this  while=20 browsing the net , there are some few issues i need help
while running the script i want  = browsing to=20 be as fast as possible , uplink especially kaaza should not eat my band = width.=20
eth1  got public ip address and = eth0 is=20 internal with network 10.0.0.0/24 iam also using nat , how can = i make=20 squid incoporates with htb (squid uses 3128)
here is my script
#!/bin/bash
 TC=3D/sbin/tc =
IPTABLES=3D/sbin/iptables
 $TC=20 qdisc del dev eth0 root 2> /dev/null > /dev/null
 $TC = qdisc del=20 dev eth1 root 2> /dev/null > /dev/null
 $TC qdisc del dev = eth1=20 ingress 2> /dev/null > /dev/null
 $IPTABLES -F POSTROUTING = -t=20 mangle
  $TC qdisc add dev eth0 root handle 1: htb default 50 = r2q=20 2
 
 $TC class add dev eth0 parent 1: classid 1:2 htb rate 248Kbit = burst=20 35k
 $TC class add dev eth0 parent 1:2 classid 1:10 htb rate = 220Kbit=20 ceil 240Kbit burst 25k prio 0
$TC class add dev eth0 parent 1:2 = classid 1:30=20 htb rate 28Kbit ceil 28Kbit burst 10k prio 1
$TC class add dev eth0 = parent=20 1: classid 1:60 htb rate 1Kbit ceil 100Mbit  prio 1
 $TC = qdisc add=20 dev eth0 parent 1:10 handle 11: sfq perturb 10
 $TC qdisc add = dev eth0=20 parent 1:30 handle 33: sfq perturb 10
 $IPTABLES -t mangle -A=20 POSTROUTING -o eth0 -s ! 10.0.0.0/24 -j MARK --set-mark = 3
 $IPTABLES -t=20 mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp --sport 80 -j MARK = --set-mark 1
 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s !=20 10.0.0.0/24 -p tcp --sport 443 -j MARK --set-mark 1
 $IPTABLES = -t mangle=20 -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp --sport 22 -j MARK = --set-mark=20 1
 $IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 = -p tcp=20 --sport 21 -j MARK --set-mark 1
 $IPTABLES -t mangle -A = POSTROUTING -o=20 eth0 -s ! 10.0.0.0/24 -p tcp --sport 53 -j MARK --set-mark 1 =
$IPTABLES -t=20 mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p udp --sport 53 -j MARK = --set-mark 1
$IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! = 10.0.0.0/24 -p=20 tcp --sport 110 -j MARK --set-mark 1
 $IPTABLES -t mangle -A = POSTROUTING=20 -o eth0 -s ! 10.0.0.0/24 -p tcp --sport 5190 -j MARK --set-mark = 1
$IPTABLES=20 -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p tcp --sport = 6661:6669 -j=20 MARK --set-mark 1
$IPTABLES -t mangle -A POSTROUTING -o eth0 -s !=20 10.0.0.0/24 -p tcp --sport 3128 -j MARK --set-mark 1
$IPTABLES -t = mangle -A=20 POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p udp --sport 3128 -j MARK = --set-mark=20 1#$IPTABLES -t mangle -A POSTROUTING -o eth0 -s ! 10.0.0.0/24 -p icmp -j = MARK=20 --set-mark 1
 
 $TC filter add dev eth0 parent 1:0 = protocol ip=20 handle 1 fw flowid 1:10
 $TC filter add dev eth0 parent 1:0 = protocol ip=20 handle 3 fw flowid 1:30
 $TC filter add dev eth0 parent 1:0 = protocol ip=20 prio 1 u32 \
 match ip protocol 0x6 0xff \
  match = ip tos=20 0x10 0xff \
 flowid=20 1:60
 
##############################
$TC qdisc add dev = eth1 root=20 handle 1: htb default 20
 $TC class add dev eth1 parent 1: = classid 1:1=20 htb rate 62Kbit burst 35k
 $TC class add dev eth1 parent 1:1 = classid=20 1:10 htb rate 40Kbit ceil 60Kbit burst 25k prio 1
 $TC class add = dev=20 eth1 parent 1:1 classid 1:20 htb rate 15Kbit ceil 55Kbit burst 10k prio=20 2
 $TC class add dev eth1 parent 1:1 classid 1:30 htb rate 7Kbit = ceil=20 28Kbit burst 5k prio 3
 $TC qdisc add dev eth1 parent 1:10 = handle 10:=20 sfq perturb 10
 $TC qdisc add dev eth1 parent 1:20 handle 20: = sfq=20 perturb 10
 $TC qdisc add dev eth1 parent 1:30 handle 30: sfq = perturb=20 10
 $TC filter add dev eth1 parent 1:0 protocol ip prio 10 u32=20 \
   match ip tos 0x10 0xff  flowid 1:10
 $TC = filter=20 add dev eth1 parent 1: protocol ip prio 10 u32 \
    = match ip=20 protocol 6 0xff \
    match u8 0x05 0x0f at 0=20 \
    match u16 0x0000 0xffc0 at 2 = \
   =20 match u8 0x10 0xff at 33 \
    flowid=20 1:10
 
 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s !=20 10.0.0.0/24 -j MARK --set-mark 12
# $IPTABLES -t mangle -A = POSTROUTING -o=20 eth1 -s ! 10.0.0.0/24 -p icmp -j MARK --set-mark 11
 $IPTABLES = -t mangle=20 -A POSTROUTING -o eth1 -s ! 10.0.0.0/24 -p tcp --sport 22 -j MARK = --set-mark=20 11
 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s ! 10.0.0.0/24 = -p tcp=20 --sport 80 -j MARK --set-mark 11
 $IPTABLES -t mangle -A = POSTROUTING -o=20 eth1 -s ! 10.0.0.0/24 -p tcp --dport 80 -j MARK --set-mark = 11
 $IPTABLES=20 -t mangle -A POSTROUTING -o eth1 -s ! 10.0.0.0/24 -p tcp --dport 21 -j = MARK=20 --set-mark 11
 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s !=20 10.0.0.0/24 -p tcp --dport 20 -j MARK --set-mark 11
 $IPTABLES = -t mangle=20 -A POSTROUTING -o eth1 -s ! 10.0.0.0/24 -p tcp --sport 3128 -j MARK = --set-mark=20 11
  $IPTABLES -t mangle -A POSTROUTING -o eth1 -s ! 10.0.0.0/24 = -p tcp=20 --dport 3128  -j MARK --set-mark 11
 $IPTABLES -t mangle -A = POSTROUTING -o eth1 -s 10.0.0.0/24 -j MARK --set-mark = 13
 
$IPTABLES=20 -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp --dport 80 -j = MARK=20 --set-mark 11
 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s = 10.0.0.0/24=20 -p tcp --dport 443 -j MARK --set-mark 11
 $IPTABLES -t mangle -A = POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp --dport 53 -j MARK --set-mark=20 11
 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p = udp=20 --dport 53 -j MARK --set-mark 11
 $IPTABLES -t mangle -A = POSTROUTING -o=20 eth1 -s 10.0.0.0/24 -p tcp --dport 22 -j MARK --set-mark = 11
 $IPTABLES=20 -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp --dport 23 -j = MARK=20 --set-mark 11
 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s = 10.0.0.0/24=20 -p tcp --dport 21 -j MARK --set-mark 11
 $IPTABLES -t mangle -A=20 POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp --dport 25 -j MARK --set-mark=20 11
 $IPTABLES -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p = tcp=20 --dport 110 -j MARK --set-mark 11
 $IPTABLES -t mangle -A = POSTROUTING -o=20 eth1 -s 10.0.0.0/24 -p tcp --dport 5190 -j MARK --set-mark = 11
 $IPTABLES=20 -t mangle -A POSTROUTING -o eth1 -s 10.0.0.0/24 -p tcp --dport 6661:6669 = -j MARK=20 --set-mark 11
$IPTABLES -t mangle -A POSTROUTING -p icmp -j MARK = --set-mark=20 11
$IPTABLES -t mangle -A POSTROUTING -o eth0 -s 10.0.0.0/24 -p udp = --dport=20 3128 -j MARK --set-mark 11
$IPTABLES -t mangle -A POSTROUTING -o eth0 = -s=20 10.0.0.0/24 -p tcp --dport 3128 -j MARK --set-mark 11
#$IPTABLES -t = mangle -A=20 POSTROUTING -p icmp -j RETURN
$TC filter add dev eth1 parent 1:0 = protocol ip=20 handle 11 fw flowid 1:10
 $TC filter add dev eth1 parent 1:0 = protocol ip=20 handle 12 fw flowid 1:20
 $TC filter add dev eth1 parent 1:0 = protocol ip=20 handle 13 fw flowid 1:30
 
please help with clarification =
regards
 
Dealing in Computers, Software and=20 Peripherals
Jayesh Chandran Compucat Technologies
(An=20 associate of Milan Cable = Television)
1.Goliondoi=20 Road, Arusha.
2.Ground Floor, Serengeti = Wing,
PB=20 No. 10367, AICC, Arusha, Tanzania
jayesh@bol.co.tz
tel: =
fax:=20
mobile: 		+255 27 2502660
+255 27=20 2504527
+255 748 586169=20 =
Add me to your address = book... Want a signature like=20 = this?
------=_NextPart_000_0021_01C4F5B0.5A623010-- _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/