From: Dr Aldo Medina <aldomedina@hotpop.com>
To: netfilter@lists.netfilter.org
Subject: Test script for P2P
Date: 05 Jun 2003 23:16:44 -0500 [thread overview]
Message-ID: <1054873047.864.211.camel@linuxclient> (raw)
Based in wshaper:
#!/bin/bash
# MLDonkey Wondershaper
# In kilobits
DOWNLINK=256
UPLINK=128
DEV=ppp0
QLEN=30 #Default 3
RQ=1 #Default 10
BURST=30 #Default 6
CLASS12="http/tcp/both pop3/tcp/dport pop3s/tcp/dport https/tcp/dport
8080/tcp/b
oth nntp/tcp/both"
case "$1" in
start)
IPTCMD="iptables -A WSHAPER -t mangle -p"
tc disc del dev $DEV root 2> /dev/null > /dev/null
tc disc del dev $DEV ingress 2> /dev/null > /dev/null
tc disc del dev imq0 root 2> /dev/null > /dev/null
iptables -t mangle -D POSTROUTING -o $DEV -j WSHAPER 2> /dev/null
\
> /dev/null
ip link set dev $DEV qlen $QLEN
tc qdisc add dev $DEV root handle 1: htb r2q $RQ default 13
tc class add dev $DEV parent 1: classid 1:1 htb rate
$[$UPLINK-2]kbit \
ceil $[$UPLINK-2]kbit burst ${BURST}k
tc class add dev $DEV parent 1:1 classid 1:10 htb rate \
$[(($UPLINK-2)*17)/100]kbit ceil $[$UPLINK-2]kbit prio 2
tc class add dev $DEV parent 1:1 classid 1:11 htb rate \
$[(($UPLINK-2)*40)/100]kbit ceil $[$UPLINK-2]kbit prio 0
tc class add dev $DEV parent 1:1 classid 1:12 htb rate \
$[(($UPLINK-2)*40)/100]kbit ceil $[$UPLINK-2]kbit prio 1
tc class add dev $DEV parent 1:1 classid 1:13 htb rate \
1kbit ceil $[$UPLINK-2]kbit prio 3
tc qdisc add dev $DEV parent 1:10 handle 10: sfq perturb 10
tc qdisc add dev $DEV parent 1:11 handle 11: sfq perturb 10
tc qdisc add dev $DEV parent 1:12 handle 12: sfq perturb 10
tc qdisc add dev $DEV parent 1:13 handle 13: sfq perturb 10
tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 10 \
fw flowid 1:10
tc filter add dev $DEV parent 1:0 prio 1 protocol ip handle 11 \
fw flowid 1:11
tc filter add dev $DEV parent 1:0 prio 2 protocol ip handle 12 \
fw flowid 1:12
tc filter add dev $DEV parent 1:0 prio 3 protocol ip handle 13 \
fw flowid 1:13
iptables -t mangle -N WSHAPER
iptables -t mangle -I POSTROUTING -o $DEV -j WSHAPER
# Class 10
$IPTCMD tcp -m length --length :64 -j MARK --set-mark 10 ## ACKs
# $IPTCMD tcp -p tcp --tcp-flags ACK -j MARK --set-mark 10
# Class 11
$IPTCMD tcp --dport ssh -j MARK --set-mark 11 ## SSH
$IPTCMD tcp --sport ssh -j MARK --set-mark 11
$IPTCMD icmp -j MARK --set-mark 11 ## ICMP
$IPTCMD udp --dport domain -j MARK --set-mark 11 ## DNS
$IPTCMD all --source 192.168.0.2 -j MARK --set-mark 11 ##
linuxclient
$IPTCMD all --destination 192.168.0.2 -j MARK --set-mark 11
$IPTCMD all --source 192.168.0.3 -j MARK --set-mark 11 ##
linuxlaptop
$IPTCMD all --destination 192.168.0.3 -j MARK --set-mark 11
$IPTCMD all --source 192.168.0.4 -j MARK --set-mark 11 ##
compaqlaptop
$IPTCMD all --destination 192.168.0.4 -j MARK --set-mark 11
# Class 12
for PORTPROTODEST in $CLASS12 ; do
PORT=`echo $PORTPROTODEST | awk -F/ '{print $1}'`
PROTO=`echo $PORTPROTODEST | awk -F/ '{print $2}'`
DEST=`echo $PORTPROTODEST | awk -F/ '{print $3}'`
if [ "$PROTO" = "both" ]; then
if [ "$DEST" = "both" ]; then
$IPTCMD tcp --dport $PORT -j MARK --set-mark 12
$IPTCMD udp --sport $PORT -j MARK --set-mark 12
$IPTCMD tcp --sport $PORT -j MARK --set-mark 12
$IPTCMD udp --dport $PORT -j MARK --set-mark 12
else
$IPTCMD tcp --$DEST $PORT -j MARK --set-mark 12
$IPTCMD udp --$DEST $PORT -j MARK --set-mark 12
fi
else
if [ "$DEST" = "both" ]; then
$IPTCMD $PROTO --dport $PORT -j MARK --set-mark 12
$IPTCMD $PROTO --sport $PORT -j MARK --set-mark 12
else
$IPTCMD $PROTO --$DEST $PORT -j MARK --set-mark 12
fi
fi
done
# Class 13 default
$IPTCMD udp --sport 4660:4670 -j MARK --set-mark 13
$IPTCMD udp --dport 4660:4670 -j MARK --set-mark 13
$IPTCMD tcp --sport 4660:4670 -j MARK --set-mark 13
$IPTCMD tcp --dport 4660:4670 -j MARK --set-mark 13
$IPTCMD udp --dport 8948 -j MARK --set-mark 13
$IPTCMD tcp --dport 8948 -j MARK --set-mark 13
$IPTCMD udp --sport 8948 -j MARK --set-mark 13
$IPTCMD tcp --sport 8948 -j MARK --set-mark 13
tc qdisc add dev imq0 handle 1: root htb default 1
tc class add dev imq0 parent 1: classid 1:1 htb rate $[DOWNLINK-2]kbit
tc qdisc add dev imq0 parent 1:1 handle 10: htb default 5
tc class add dev imq0 parent 10: classid 10:1 htb \
rate $[((DOWNLINK-2)*10)/100]kbit ceil $[DOWNLINK-2]kbit burst 30k
prio 1
tc class add dev imq0 parent 10: classid 10:2 htb \
rate $[((DOWNLINK-2)*70)/100]kbit ceil $[DOWNLINK-2]kbit burst 30k
prio 2
tc class add dev imq0 parent 10: classid 10:5 htb \
rate $[((DOWNLINK-2)*20)/100]kbit ceil $[DOWNLINK-2]kbit prio 3
tc qdisc add dev imq0 parent 10:1 handle 21:0 pfifo
tc qdisc add dev imq0 parent 10:2 handle 22:0 sfq
tc qdisc add dev imq0 parent 10:5 handle 23:0 sfq
tc filter add dev imq0 protocol ip pref 1 parent 10: handle 1 fw classid
10:1
tc filter add dev imq0 protocol ip pref 2 parent 10: handle 2 fw classid
10:2
iptables -t mangle -A PREROUTING -i $DEV -j IMQ
iptables -t mangle -A PREROUTING -i $DEV -p tcp -m tos --tos
minimize-delay -m s
tate --state ESTABLISHED -j MARK --set-mark 1
iptables -t mangle -A PREROUTING -i $DEV -p tcp -m length --length :64
-j MARK -
-set-mark 1
iptables -t mangle -A PREROUTING -i $DEV -p tcp --dport 22 -m state
--state EST
ABLISHED -j MARK --set-mark 2
iptables -t mangle -A PREROUTING -i $DEV -p tcp --sport 80 --dport 1024:
-m stat
e --state ESTABLISHED -j MARK --set-mark 2
iptables -t mangle -A PREROUTING -i $DEV -p tcp --dport 80 --sport 1024:
-m stat
e --state ESTABLISHED -j MARK --set-mark 2
iptables -t mangle -A PREROUTING -i $DEV -p tcp --sport 443 --dport
1024: -m sta
te --state ESTABLISHED -j MARK --set-mark 2
iptables -t mangle -A PREROUTING -i $DEV -p tcp --sport pop3 -m state
--state ES
TABLISHED -j MARK --set-mark 2
iptables -t mangle -A PREROUTING -i $DEV -p udp --sport domain -j MARK
--set-mar
k 2
iptables -t mangle -A PREROUTING -i $DEV -p icmp -j MARK --set-mark 2
ip link set imq0 up
echo "wshaper started"
;;
stop)
iptables -t mangle -D POSTROUTING -o $DEV -j WSHAPER 2> /dev/null
\
> /dev/null
iptables -t mangle -D PREROUTING -i $DEV -j WSHAPER 2> /dev/null \
> /dev/null
iptables -t mangle -D PREROUTING -i $DEV -j IMQ 2> /dev/null \
> /dev/null
iptables -t mangle -F PREROUTING 2> /dev/null >/dev/null
iptables -t mangle -F WSHAPER 2> /dev/null > /dev/null
iptables -t mangle -X WSHAPER 2> /dev/null > /dev/null
tc qdisc del dev $DEV root 2> /dev/null > /dev/null
tc qdisc del dev $DEV ingress 2> /dev/null > /dev/null
tc qdisc del dev imq0 root 2> /dev/null > /dev/null
echo "wshaper stopped"
;;
restart)
$0 stop
$0 start
;;
status)
# print anything interesting
echo "[qdisc]"
tc -s qdisc show dev $DEV
echo "[class]"
tc -s class show dev $DEV
echo "[iptables]"
iptables -t mangle -L WSHAPER -xnv
echo "[imq]"
tc -s qdisc show dev imq0
tc -s class show dev imq0
exit
;;
*)
echo "Usage: $0 {start|stop|restart|status}"
;;
esac
Any opinions? I'm particularly interested in the values for variables
QLEN, RQ and BURST.
next reply other threads:[~2003-06-06 4:16 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-06-06 4:16 Dr Aldo Medina [this message]
-- strict thread matches above, loose matches on Subject: below --
2003-05-21 17:17 Test script for P2P Dr Aldo Medina
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1054873047.864.211.camel@linuxclient \
--to=aldomedina@hotpop.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.