[LARTC] script to shape outbound passive/active ftp traffic

[LARTC] script to shape outbound passive/active ftp traffic

[nix4me]

Hi,
 
I just wanted to share my script with the list.  I have been trying to 
shape outbound passive and active ftp traffic without affecting inbound 
and lan transfers.  I have tried to do this for a long time and it seems 
that I have finally figured it out.
 
Feel free to comment on the below script if there is anything that can 
be improved.  It seems to work flawlessly so far.


#!/bin/bash
#shaping passive and active outbound ftp traffic on an internal computer 
without affecting inbound and lan speed

# mark the outbound passive ftp packets on ports 50000-51000
iptables -t mangle -D OUTPUT -o eth0 -j MYSHAPER-OUT 2> /dev/null > 
/dev/null
iptables -t mangle -F MYSHAPER-OUT 2> /dev/null > /dev/null
iptables -t mangle -X MYSHAPER-OUT 2> /dev/null > /dev/null
 
iptables -t mangle -N MYSHAPER-OUT
iptables -t mangle -I OUTPUT -o eth0 -j MYSHAPER-OUT

iptables -t mangle -A MYSHAPER-OUT -p tcp --sport 65436 -j MARK 
--set-mark 20
iptables -t mangle -A MYSHAPER-OUT -p tcp --sport 50000:51000 -j MARK 
--set-mark 20
iptables -t mangle -A MYSHAPER-OUT -m mark --mark 0 -j MARK --set-mark 26
# clear it
tc qdisc del dev eth0 root

#add the root qdisk
tc qdisc add dev eth0 root handle 1: htb default 26

#add main rate limit class
tc class add dev eth0 parent 1: classid 1:1 htb rate 100mbit

#add leaf classes
tc class add dev eth0 parent 1:1 classid 1:20 htb rate 40kbps
tc class add dev eth0 parent 1:1 classid 1:26 htb rate 100mbit

#filter traffic into classes
tc filter add dev eth0 parent 1:0  prio 0 protocol ip handle 20 fw 
flowid 1:20
tc filter add dev eth0 parent 1:0  prio 0 protocol ip handle 26 fw 
flowid 1:26

Mark Ryan
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/