Re: [LARTC] HTB - shaping services and IP

From: "Phill" <PedroPhill@seznam.cz>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] HTB - shaping services and IP
Date: Fri, 19 Sep 2003 06:57:36 +0000	[thread overview]
Message-ID: <marc-lartc-106395473108838@msgid-missing> (raw)
In-Reply-To: <marc-lartc-106386774113974@msgid-missing>

I am sending the script onesmore, because the lines are longer than 80 chars.

Thanx,
    Phill

#!/bin/sh
################################################################################
#    HTB script made by phill
#    mailto:phill@seznam.cz
################################################################################
LOCAL="imq0"
NET="ppp0"

CeilDownload\x170
CeilDouwnloadDC\x120 #max download speed for direct connect
CeilUpload–
CeilUploadDC\x16     #max upload speed for direct connect
################################################################################
#echo -n "Starting HTB..."
################################################################################
    modprobe imq numdevs=1
    ip link set imq0 up
################################################################################
#    Download part ...
################################################################################

tc qdisc add dev $LOCAL root handle 1: htb default 14

tc class add dev $LOCAL parent 1:  classid 1:1  htb rate ${CeilDownload}kbit
ceil ${CeilDownload}kbit

#11-->Fast-WWW,telnet,ssh,ping,...
    tc class add dev $LOCAL parent 1:1 classid 1:11 htb rate 100kbit ceil
${CeilDownload}kbit prio 1 burst 15k quantum 100
#12-->Medium-eMail
    tc class add dev $LOCAL parent 1:1 classid 1:12 htb rate 25kbit  ceil
${CeilDownload}kbit prio 2 burst 5k  quantum 100
#13-->Slow-FTP
    tc class add dev $LOCAL parent 1:1 classid 1:13 htb rate 25kbit  ceil
${CeilDownload}kbit prio 3 burst 15k quantum 100
#14-->Brak-Default
    tc class add dev $LOCAL parent 1:1 classid 1:14 htb rate 18kbit  ceil
${CeilDownload}kbit prio 4 burst 5k quantum 100
#15-->DC,eDonkey
    tc class add dev $LOCAL parent 1:1 classid 1:15 htb rate 2kbit   ceil
${CeilDownloadDC}kbit prio 5 quantum 1

tc filter add dev $LOCAL parent 1:0 protocol ip prio 1 handle 1 fw classid 1:11
tc filter add dev $LOCAL parent 1:0 protocol ip prio 2 handle 2 fw classid 1:12
tc filter add dev $LOCAL parent 1:0 protocol ip prio 3 handle 3 fw classid 1:13
tc filter add dev $LOCAL parent 1:0 protocol ip prio 4 handle 4 fw classid 1:14
tc filter add dev $LOCAL parent 1:0 protocol ip prio 5 handle 5 fw classid 1:15

#sfq
tc qdisc add dev $LOCAL parent 1:11 handle 11: sfq perturb 10
tc qdisc add dev $LOCAL parent 1:12 handle 12: sfq perturb 10
tc qdisc add dev $LOCAL parent 1:13 handle 13: sfq perturb 10
tc qdisc add dev $LOCAL parent 1:14 handle 14: sfq perturb 10
tc qdisc add dev $LOCAL parent 1:15 handle 15: sfq perturb 10

#IPTABLES
#default
    iptables -A PREROUTING -t mangle -j MARK --set-mark 0x4
#11
    #WWW without squida
        iptables -A PREROUTING -t mangle  -p tcp --sport 80 -j MARK --set-mark
0x1
        iptables -A PREROUTING -t mangle -p tcp --sport 443 -j MARK --set-mark
0x1
    #WWW through squid <???>
         #dont know how but lets say everything going to the router machine will
         #have this class. This works :->
         iptables -A PREROUTING -t mangle -p tcp -s 192.168.1.1 -j
MARK --set-mark 0x1
    #telnet
        iptables -A PREROUTING -t mangle -p tcp --sport 23 -j MARK --set-mark
0x1
        iptables -A PREROUTING -t mangle -p udp --sport 23 -j MARK --set-mark
0x1
    #ssh
        iptables -A PREROUTING -t mangle -p tcp --sport 22 -j MARK --set-mark
0x1
        iptables -A PREROUTING -t mangle -p udp --sport 22 -j MARK --set-mark
0x1
    #icmp
        iptables -A PREROUTING -t mangle -p icmp -j MARK --set-mark 0x1
    #dns
        iptables -A PREROUTING -t mangle -p tcp --sport 53 -j MARK --set-mark
0x1
        iptables -A PREROUTING -t mangle -p udp --sport 53 -j MARK --set-mark
0x1
    #ack
        iptables -t mangle -I PREROUTING -p tcp -m tcp --tcp-flags SYN,RST,ACK
SYN -j MARK --set-mark 0x1
#12
   #pop3
      iptables -A PREROUTING -t mangle -p tcp --sport 110 -j MARK --set-mark 0x2
      iptables -A PREROUTING -t mangle -p udp --sport 110 -j MARK --set-mark 0x2
   #smtp
      iptables -A PREROUTING -t mangle -p tcp --sport 25 -j MARK --set-mark 0x2

      iptables -A PREROUTING -t mangle -p udp --sport 25 -j MARK --set-mark 0x2
   #imap
      iptables -A PREROUTING -t mangle -p tcp --sport 143 -j MARK --set-mark 0x2
      iptables -A PREROUTING -t mangle -p udp --sport 143 -j MARK --set-mark 0x2
#13
   #ftp
    iptables -A PREROUTING -t mangle -p tcp -m tcp --sport 20:21 -j
MARK --set-mark 0x3
#14
   #Brak...DEFAULT!!!
#15
   #DC 2 users, 2 ports 412,414
    iptables -A PREROUTING -t mangle -p tcp -m tcp --sport 412 -j
MARK --set-mark 0x5
    iptables -A PREROUTING -t mangle -p tcp -m tcp --dport 412 -j
MARK --set-mark 0x5
    iptables -A PREROUTING -t mangle -p tcp -m tcp --sport 414 -j
MARK --set-mark 0x5
    iptables -A PREROUTING -t mangle -p tcp -m tcp --dport 414 -j
MARK --set-mark 0x5
   #eDonkey
    iptables -A PREROUTING -t mangle -p tcp --sport 4662 -j MARK --set-mark 0x5
    iptables -A PREROUTING -t mangle -p tcp --dport 4662 -j MARK --set-mark 0x5

################################################################################
#    Download part ... OK
################################################################################
################################################################################
#    Upload part ...
################################################################################

tc qdisc add dev $NET root handle 2: htb default 21

tc class add dev $NET parent 2:  classid 2:1  htb rate ${CeilUpload}kbit ceil
${CeilUpload}kbit

#11-->Fast-everything...Default
    tc class add dev $NET parent 2:1 classid 2:11 htb rate 90kbit ceil
${CeilUpload}kbit prio 7 burst 15k
#12-->Slow-DC,edonkey upload
    tc class add dev $NET parent 2:1 classid 2:12 htb rate 6kbit  ceil
${CeilUploadDC}kbit prio 8 burst 5k quantum 1

tc filter add dev $NET parent 2:0 protocol ip prio 1 handle 1 fw classid 2:11
tc filter add dev $NET parent 2:0 protocol ip prio 5 handle 5 fw classid 2:12

################################################################################
#    Upload part ... OK
################################################################################

iptables -t mangle -A PREROUTING -i ppp0 -j IMQ

echo " OK"

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/